> Also in the upcoming 2.7 release of WordPress we are including a built-in upgrade mechanism within WordPress which will allow people to upgrade automatically with ease.

At last! This has been one of the remaining few pains of using Wordpress.

Move along, there's nothing to see here....

Doesn't The Register use WordPress? So should I stop reading The Register online? Na, joking.

More on Wordpress 2.6.2 and 2.6.3 exploits.

Malicious damage can be caused by exploits from JadenAveBot used by PSI; hosted by Cogentco. The trick is writing exclusions in the robot.txt

****User-agent: Bad bot

Disallow: / cgi-bin /

Disallow: / images /

Disallow: / tmp /

Disallow: / private /

Disallow: /wp-content /

Disallow: /wp-admin /

User-agent: Snapbot

Disallow: / cgi-bin /

Disallow: / images /

Disallow: / tmp /

Disallow: / private /

Disallow: /wp-content /

Disallow: /wp-admin /

User-agent: ShopWiki

Disallow: / cgi-bin /

Disallow: / images /

Disallow: / tmp /

Disallow: / private /

Disallow: /wp-content /

Disallow: /wp-admin /

User-agent: Voyager

Disallow: / cgi-bin /

Disallow: / images /

Disallow: / tmp /

Disallow: / private /

Disallow: /wp-content /

Disallow: /wp-admin /

User-agent:JadynAveBot

Disallow: / cgi-bin /

Disallow: / images /

Disallow: / tmp /

Disallow: / private /

Disallow: /wp-content /

Disallow: /wp-admin /****

another trick is to excluded websites using PHP Script and htaccess files to work together to ban sites and user defined ranges to limit access to wordpress sites.