CVE-2008-6762 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6762): Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
CVE-2008-6767 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6767): wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.
FYI 2.8 is in CVS. Not checked if the given CVE's are fixed, though.
There is no <www-apps/wordpress-2.9.2 in portage any more.
These do not impact current versions. Closing noglsa.