Thanks to the guys over at blogsecurity I now know that there is a new vulnerability for wordpress in the wild. The "wp-admin/link.php"; script does not check the permissions of the user before adding a new Blogroll link. A fixed links.php file has been made available which addresses the problem and is available here.

Simply replace the wp-admin/link.php with the new one and you should be good :)

Comments