(re)Blog-notes informatiqueCours d'informatique, Formation informatique, 
Création & Hébergement de site web, Yiannis Girod, Genève - Suisse

A lire sur secunia.com:

...The vulnerability has been confirmed in version 2.0.2. Other versions may also be affected.

Solution:
Restrict web access to the wp-content/cache/userlogins/ and wp-content/cache/users/ directories (e.g. with a .htaccess file)...

Sources:

• Secunia - Advisories - WordPress PHP Code Injection Vulnerability
  http://secunia.com/advisories/20271/
• FrSIRT - WordPress User Profile Handling Remote PHP Command Injection Vulnerability / Exploit
  http://www.frsirt.com/bulletins/5349