XSS "Service Pack" for WordPress
A German web security searcher has found seven XSS (Cross Site Scripting) vulnerabilities in WordPress and has launched a patch for them... in the form of an XSS blog worm!
[From Blogsecurity and Planet-Websecurity]