The guys at WordPress have issued an alert to all users who downloaded WordPress 2.1.1 in the past 3-4 days to upgrade immediately.

The statement comes after a hacker had gained access to one of WP’s servers and had managed to change the original WP code. The malicious copy, has been termed highly dangerous and can allow for remote PHP execution by anybody who knows their way around hacking.

WordPress has released WP 2.1.2 with an immediate fix to this and with some minor updates and bug fixes.

Version 2.1 and prior 2.0 versions have been unaffected and are deemed safe from the exploit.

As a security measure, WP have also reset the passwords of users at their support forum.