For the first (and hopefully last) time ever, we’re glad to hear that WordPress has a major security vulnerability. Why? As a result of a security vulnerability that affects WordPress 2.0.6 and below on certain server configurations, the WordPress Developers Team has released a new version of WordPress that incorporates both a security patch for the detailed vulnerability, and a fix for the FeedBurner Bug that we reported for 2.0.6. You can download WordPress 2.0.7 or see the list of affected/changed files here on the WP Development Blog.
Originally, the WordPress team had refused to patch the WordPress 2.0.6 FeedBurner Bug on the premise that it was too soon to release another version of WordPress for a “minor” bug, a decision we disagreed with. However, you can now download WordPress 2.0.7, and hopefully this time there aren’t any surprise bugs that need immediate patching. We highly recommend that everyone download WordPress 2.0.7 immediately to avoid having their blog/site compromised via the security hole in WordPress 2.0.6.
Correction: WordPress is released and maintained independently of Automattic.