WordPress 3.0.2 is available and is a mandatory security update for all previous WordPress versions. Haiku has become traditional:
Fixed on day zero
One-click update makes you safe
This used to be hard
This maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!
Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.
View full post on WordPress News