New Wordpress 2.3.3 Vulnerability Adds Spam Directory

Discussion in 'Security' started by onLoad, Mar 23, 2008.

  1. #1
    A MUST read for those running WordPress 2.3.3 to learn about a new vulnerability that allows malicious users to create a spam directory in your /wp-content/ without your permission. :mad:

    Read the detailed article here!
     
    onLoad, Mar 23, 2008
  2. Ladadadada

    #2
    The result of following all the links from the linked article to the original article(s) is that there is some kind of unknown vulnerability that can currently be solved by renaming your WordPress cookies (not the ones in your browser, the ones in your wordpress-admin that get sent to your users' browsers).

    The cookie renaming trick should be effective for about as long as it takes for everyone to do it, which is probably not very long. It would be trivial after having written a bot to exploit this to add in the code that checks the HTTP response for the cookie names and uses those instead of the defaults.

    There is very little information in the articles (http://wordpress.org/support/topic/161723, http://www.village-idiot.org/archives/2008/03/18/wordpress-spam-inject-honeypot/, http://www.village-idiot.org/archives/2008/03/19/wordpress-spam-inject-honeypot-2/) on the actual vulnerability or the exploit being attempted by the bot. The people who know about it are being very tight-lipped about the details, presumably so that would-be hackers won't be handed the exploit on a silver platter. My opinion is that once a bot is out there actively exploiting the vulnerability there's nothing to be gained by keeping secrets. The quicker we all know the details the quicker we can produce a patch.

    From the comments, it appears to be a remote file inclusion vulnerability. There's also some confusion about whether it allows admin access to the targeted blog by stealing the admin's cookie or by stealing the admin's password.

    The RFI vulnerability can be completely stopped either by turning off fopen_wrappers in your php.ini (http://php.net/filesystem) or by disallowing outbound http connections from your webserver at your firewall. In fact, I would recommend both of these actions even if you are not running WordPress. If you need to request external web pages from PHP you can achieve this by compiling PHP with curl and allowing outbound access to certain IP addresses at your firewall.
     
    Ladadadada, Mar 23, 2008
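
Added example, not part of the thread or of any poster's message: the php.ini directive that governs the URL-aware fopen wrappers mentioned in post #2 is `allow_url_fopen`, and from PHP 5.2.0 `allow_url_include` additionally gates `include`/`require` of URLs. The Python check below reads php.ini text and reports whether remote open and remote include are effectively enabled. The function names and the sample files are constructed for illustration, and settings applied outside php.ini (for example by the web server configuration) are not evaluated.

```python
import re

# PHP's compiled-in defaults when php.ini does not set the directive.
DEFAULTS = {"allow_url_fopen": True, "allow_url_include": False}
DIRECTIVE = re.compile(r"^(allow_url_fopen|allow_url_include)\s*=\s*(.*)$")

def ini_bool(value):
    """Interpret a php.ini boolean: On/True/Yes or a non-zero integer is true."""
    v = value.strip().strip("\"'").lower()
    if v in ("on", "true", "yes"):
        return True
    try:
        return int(v) != 0
    except ValueError:
        return False

def effective_settings(ini_text):
    """Last assignment wins; ';' comments are ignored; names are case-sensitive."""
    settings = dict(DEFAULTS)
    for raw in ini_text.splitlines():
        m = DIRECTIVE.match(raw.split(";", 1)[0].strip())
        if m:
            settings[m.group(1)] = ini_bool(m.group(2))
    return settings

def remote_exposure(ini_text, php_has_url_include=True):
    """Report whether PHP may open and include remote URLs.

    php_has_url_include=False models PHP older than 5.2.0, where
    allow_url_include does not exist and allow_url_fopen alone decides.
    """
    s = effective_settings(ini_text)
    fopen_on = s["allow_url_fopen"]
    include_on = fopen_on and (s["allow_url_include"] or not php_has_url_include)
    return {"remote_fopen": fopen_on, "remote_include": include_on}

# Constructed sample files, not taken from any real server.
SAMPLE_WEAK = """[PHP]
allow_url_fopen = On
;allow_url_include = Off
allow_url_include = "1"
"""
SAMPLE_HARDENED = """[PHP]
allow_url_fopen = On      ; overridden by the later line
allow_url_fopen = Off
allow_url_include = Off
"""

if __name__ == "__main__":
    for name, text in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, remote_exposure(text))
```

An empty or silent php.ini still leaves `allow_url_fopen` on by default, so the check treats a missing directive as enabled rather than safe.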
  3. nethelp

    #3
    I've been on 2.3.3 since right after it was released and have had no problems. You might consider checking this blog for more help: bloggingpro.com/archives/category/wordpress-hacks

    Good luck!
     
    nethelp, Mar 23, 2008