

Wordpress Security Flaw: Reset Admin Password of Any Blog Without Confirmation - mindplunge
http://www.programmerfish.com/wordpress-security-flaw-reset-admin-password-of-any-blog-without-confirmation/

======
kevingadd
Hey, I found a security hole! Seems like the logical thing to do is go use it
on a bunch of random websites.

~~~
chaosmachine
And he documented his "success" for the whole world to see. I wonder what the
legal implications are.

