WordPress released a mandatory security update to the public on November 30, 2010. Please be advised that you need to upgrade your WordPress version to 3.0.2 immediately.
WordPress Security Issues / Enhancements
According to WordPress.org, a moderate security risk was found that could allow a malicious Author-level user further access into your website. This issue has been fixed in WordPress 3.0.2.
WordPress 3.0.2 also addresses a handful of bugs and provides some additional security enhancements such as:
- Remove pingback/trackback blogroll whitelisting feature as it can easily be abused.
- Fix canonical redirection for permalinks containing %category% with nested categories and paging.
- Fix occasional irrelevant error messages on plugin activation.
- Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin.
- Clarify the license in the readme.
- Multisite: Fix the delete_user meta capability.
- Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins.
- Multisite: Fix ms-files.php content type headers when requesting a URL with a query string.
- Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installs.
Were there any files deleted in this release?
WordPress 3.0.2 uses all the same files and nothing became obsolete, but 12 files were changed.
Here is a list of WordPress Files that were Revised in 3.0.2:
Upgrading to WordPress 3.0.2
We tested the automatic upgrade from the Dashboard > Updates and also did a manual upgrade. Both were successful.
For WordPress security, please upgrade to WordPress 3.0.2 immediately.
After upgrading to WordPress 3.0.2, we noticed an intermittent error message when creating a new post caused from the MaxBlogPress Ping Optimizer Plugin. This error comes and goes:
Warning: Missing argument 1 for PingOptimizer::__mpoFetchPostDetails(), called in /PATH/WORDPRESS/wp-content/plugins/maxblogpress-ping-optimizer/maxblogpress-ping-optimizer.php on line 503 and defined in /PATH/WORDPRESS/wp-content/plugins/maxblogpress-ping-optimizer/mpo-lib/include/mbp-ping-optimizer.cls.php on line 135
Leave Your Feedback
How was your upgrade experience with WordPress 3.0.2? Did you have any issues with this release? Let us know by leaving your comment below.