WordPress Lost Password SQL Column Truncation Unauthorized Access Vulnerability

info
discussion
exploit
solution
references

WordPress Lost Password SQL Column Truncation Unauthorized Access Vulnerability

WordPress is prone to an unauthorized-access vulnerability.

Successfully exploiting this issue will allow attackers to reset the password of arbitrary accounts.

WordPress 2.6.1 is vulnerable; other versions may also be affected.