It was just announced on the WordPress development blog that 2.6.2 has been released. If you allow user registration, it’s highly recommended you upgrade immediately.
In versions 2.6.1 and earlier, it’s possible for one to create a username that is then able change the password of another user. Although this randomly generated password isn’t revealed to the attacker, it’s still an annoyance if your password gets randomly changed constantly.
Anyway, go ahead and upgrade WordPress ASAP, especially if you have open registration enabled.
Looking for web hosting?
Question: What's the best type of web hosting?
Answer: The kind you don't have to worry about.
And that's precisely why I recommend HostGator. I've been using them myself for years and they've been nothing short of superb.
Fast load times, great support, WordPress-friendly, and good prices. Not much more you can ask for.
New customers can get 25% off of any HostGator web hosting package with the coupon: themelab25percentoffNote: I am a HostGator affiliate, but that doesn't make my recommendation any less genuine.