Yes it keeps us busy even during the festive season. A number of critical security issues were identified with WordPress 2.3.1 (may apply to older versions too) that necessitated an urgent security release. WordPress 2.3.2 is now available. One of the problem is a SQL Injection Vulnerability that exposes internal information about your WordPress installation. These are common problems that plague web applications. I did a brief presentation on Secure Web Programming a few moons ago. It was primarily intended to be a high-level overview to familiarize programmers with web application security issues. You can download it if you’re interested.