WordPress Urgent Security Update: Older Version, WP 2.3.2 is Vulnerable to Spam Attacks
04 Aug
It appears that many WordPress-powered sites across the net are still running an older version of the software that has become vulnerable to security issues. I’ve personally seen this issue crop up when I’ve clicked through on the titles of a few RSS feeds that pointed to spam links, not the originating blog. If you’re not running the latest version of WordPress, take a look at your feeds to be sure your site isn’t compromised. Not only is this a bad thing for your users, but Technorati has stopped tracking many of these blogs, as will the search engines.
Technorati staffer Ian Kallen had this to say:
“This is a follow up on our post regarding a problem affecting thousands of WordPress blogs, Patch or Upgrade Your Wordpress Installation, Now. WordPress has since released version 2.5. However, we’ve noticed that a large number of blogs remain vulnerable to the security issue addressed by the 2.3.3 release.
Blogs that have been compromised by this security vulnerability are typified by having links to spam destinations inserted onto the blog page. These link insertions may be invisible to casual observations; the links are often obscured by style attributes that render them invisible. These links are still seen by crawlers such as Technorati’s, Google’s and Yahoo’s. You can find these links by viewing the source of the blog pages or, when using Firefox, looking under “Tools” -> “Page Info” -> “Links”. Blogs hosted on wordpress.com are not affected by this issue; only blogs hosted on their own installations of WordPress from wordpress.org require concern.
Because of this ongoing problem, we’re discontinuing processing crawls of blogs that exhibit common symptoms of being compromised. We strongly recommend upgrading your WordPress installation. Even if you haven’t been afflicted by a compromise, by the time you are aware that you have been, a number of negative consequences may have already occurred (for instance, flagged spam by Technorati, Google or Yahoo!) — this has been reported by many WordPress users.
If you have questions about installing WordPress or maintaining a WordPress installation, please refer to the WordPress Documentation or the WordPress Forums. If you feel that your blog is not vulnerable to this hack but your WordPress blog is not being updated, please contact Technorati support staff.”
Special Offer for Urgent Security Upgrades
The normal cost for a complete software update is $65. To help you get your blog secure again, I’ll be offering a special discounted upgrade of your core files and plugins for just $35, ONLY for clients who are still running WordPress 2.3.2 or below. You must contact me before midnight PST Saturday, August 9.
[source: Vulnerable WordPress Blogs Not Being Indexed on Technorati Weblog]


