WordPress 3.0.3 security update released
The WordPress development team has released version 3.0.3 of the popular open source blogging and publishing platform, a security update for the 3.0.x branch of WordPress. According to the developers, the update addresses a privilege escalation issue in the remote publishing interface that, under certain circumstances, could have allowed Author and Contributor-level users to improperly edit, publish or delete posts.
Reportedly, the issue only affects sites that have remote publishing enabled – remote publishing is disabled by default, but may be enabled when publishing from a mobile client, such as one of the WordPress mobile applications. All users are advised to upgrade to the latest release as soon as possible.
Further information about the security update can be found in a post on the WordPress News Blog and on the Codex page for version 3.0.3. WordPress 3.0.3 is available to download from the project's web site. Existing users can update automatically from the Dashboard Update menu under their site's admin area. WordPress is licensed under the GNU General Public License (GPL).
- 500,000+ Windows Live Spaces blogs migrated to WordPress, a report from The H.
- WordPress Foundation take control of WordPress trademark, a report from The H.