Akismet 2.1.3 vulnerable to attack? Agh!
According to David Kierznowski, WordPress’s comment anti-spam tool Akismet is vulnerable to attack. Anyone who’s ever had a WordPress blog probably knows how effective this wonderful little plugin is at defending against spammers. (Akismet has caught tens of thousands of messages on this blog.) So it’s with a heavy heart I endorse the following plan of attack:
Suggestion 1: switch off Akismet until further notice from WordPress. (Better safe than sorry.)
Suggestion 2: moderate comments as they come in (duh).
Suggestion 3: prepare doses of anti-depressants and anti-anxiety meds.
Update: Matt says, “It’s a fairly minor XSS issue, it’s been fixed in downloads and source for a few weeks now and I don’t think it’s worth deactivating the plugin for.” Game on!
Update 2: Akismet also happened to bump up to version 2.0.2 yesterday. In light of things, probably seems smart to upgrade your plugin.


Ryan – I shut Akismet off a long time ago – when I found Spam Karma 2.
Try it, you’ll like it! http://unknowngenius.com/blog/wordpress/spam-karma
Rob
[...] Akismet 2.1.3 vulnerable to attack? Agh! » Ryan Block No details given, but Jesus, I’m so tired of security vulnerabilities in absolutely everything… (tags: akismet wordpress security vulnerability) [...]