A new release of WordPress became available last night. WordPress 3.0.5 has been made available to the public.
The release addresses a number of issues and provides two additional enhancements:
- Two moderate security issues were fixed that could have allowed a Contributor- or Author-level user to gain further access to the site.
- One information disclosure issue was addressed that could have allowed an Author-level user to view contents of posts they should not be able to see, such as draft or private posts.
- Two security enhancements were added. One improved the security of any plugins which were not properly leveraging our security API. The other offers additional defense in depth against a vulnerability that was fixed in previous release.
To upgrade, run the tool from within your WordPress dashboard or download from http://www.wordpress.org