WordPress 3.0.2 is made available today and it’s a mandatory security update for all previous WordPress versions.
This maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!
Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.
Full list of updates:
- Fix moderate security issue where a malicious Author-level user could gain further access to the site.
- Remove pingback/trackback blogroll whitelisting feature as it can easily be abused.
- Fix canonical redirection for permalinks containing %category% with nested categories and paging.
- Fix occasional irrelevant error messages on plugin activation.
- Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin.
- Clarify the license in the readme
What are you waiting for? Go Upgrade your blog Now !!
Source: WordPress Blog
Pierro: Thanks for this list. I was just looking for that kind of information....
Affan Ruslan: Great offer. I'm one of genesis framework lovers, and I like it very ...
mike: Nice... It's not the magazine or newspaper look that is creating it's ...
Elan: Really WordPress gives the inventing ability of creating a magnificent...
Adrienne: I've always liked the magazine themes, some better than others. The t...