Hello. After reading the original 2009'th post (http://websecurity.com.ua/3152), in the last paragraph the author says that it is possible(in Wordpress 2.0.x) to corrupt wp_users table by automatically registering multiple accounts, so I think the problem is to be found there.
Just a small reminder, youtube has lot's of "proof" for unbelievers of all sorts including water to wine, ddosing by ping, etc, but in my opinion, the POC code is normally used to show the proof in security communities. Have a nice day. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
