Peaches Posted December 2, 2010 Report Share Posted December 2, 2010 Important Security Update Available for WordPress Version 3.0.2 of popular blogging platform WordPress was released as a mandatory security update, which contains fixes for several flaws, including one that carries a moderate risk. A complete list of changes reads:- Fix moderate security issue where a malicious Author-level user could gain further access to the site.- Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin.- Remove pingback/trackback blogroll whitelisting feature as it can easily be abused.- Fix canonical redirection for permalinks containing category with nested categories and paging.- Fix occasional irrelevant error messages on plugin activation.- Clarify the license in the readme- Multisite: Fix the delete_user meta capability - Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins- Multisite: Fix ms-files.php content type headers when requesting a URL with a query string- Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installsUsers are advised to upgrade to the new version immediately by going to the Dashboard Updates menu, especially since the process is now a lot easier and straight-forward than it used to be. Details - http://news.softpedi...ss-169820.shtml Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.