The compromised code was distributed through the wordpress.org site for 3 to 4 days before the issue was detected. “Although not all downloads of 2.1.1 were affected, we’re declaring the entire version dangerous,” said Mullenweg. “If your blog is running 2.1.1, please upgrade immediately and do a full overwrite of your old files, especially those in wp-includes. … If you are a web host or network administrator, block access to ‘theme.php’ and ‘feed.php’, and any query string with ‘ix=’ or ‘iz=’ in it.”

WordPress is an open source blogging application that has become widely used, especially since its primary competitor, the commercial blogging app Movable Type, raised its prices in 2004.

PHP-driven blogging and CMS applications have become a popular target for hackers, who seek to exploit installations that have not patched published vulnerabilities. The WordPress issue is more problematic in that it involves a break-in to a development server and the distribution of compromised code that left users vulnerable to the crackers who installed the exploit.