Description
WordPress is prone to a security bypass vulnerability because it fails to adequately restrict access to the password reset feature. An attacker can exploit this issue to reset the administrator password of the application. Repeated attacks may allow the attacker to cause persistent Denial of Service conditions. WordPress version 2.8.3 is vulnerable; prior versions may also be affected.
Remediation
Update to WordPress version 2.8.4 or latest
References
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0114.html
http://blog.sucuri.net/2009/08/wordpress-2-8-3-remote-admin-reset-password.html
http://packetstormsecurity.org/files/view/80258/wordpress-adminreset.txt
Related Vulnerabilities
WordPress Plugin NEX-Forms Lite-WordPress Contact Form builder Cross-Site Scripting (2.1.0)
WordPress Plugin Quiz And Survey Master-Best Quiz, Exam and Survey Multiple Vulnerabilities (4.7.8)
WordPress Plugin oQey Gallery 'tbpv_domain' Parameter Cross-Site Scripting (0.2)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1864)
WordPress Plugin Product Reviews Import Export for WooCommerce Cross-Site Request Forgery (1.3.2)