My Dashboard tells me Don’t Panic! WordPress Is Secure (24 Days ago). This is talking about BugTraq 14088 29-Jun-2005 which only affected version 1.5.1 and earlier. There have of course been others and will be in the future (no software is immune) but there was a new one a few days ago that is a false alarm. The problem arises because of the confusion of names (a familiar story). The alert is BugTraq 15582 which refers to phpWordPress. This is a commercial publishing management system and they clearly state at the bottom of their home page that they are not affiliated with the open-source program WordPress in any way. Perhaps wordpress.org needs a similar disclaimer.