This article a great reminder as to why you should always keep your WordPress install updated with the latest version. If you’re running the latest version of WordPress (currently 4.0.1), the exploit discussed below does not apply to you:
Howard Lutnick, the chief executive of Cantor Fitzgerald, one of the world’s largest financial-services firms, still cries when he talks about it. Not long after the planes struck the twin towers, killing 658 of his co-workers and friends, including his brother, one of the first things on Lutnick’s mind was passwords. This may seem callous, but it was not.