The remote host is running a version of WordPress earlier than 2.8.4. Such versions are potentially affected by a flaw in the βreset_password()β function of the βwp-login.phpβ script which allows an attacker to reset the password for the first account without a key in the database (usually the admin account).
Binary data 5126.prm