via Dan Goodin writing at Ars Technica comes the sorry tale of the hundred thousand. Yes, approximatley 100,000 (give or take a couple thousand possible targets...) WordPress sites have succumbed to a vulnerability hiding resolutely in the so-called ThemeGrill Demo Importer add-in. Suffice to say, the litany of failure-to-secure in the WordPress world is a long and infamous tale.