WordPress 3.0.4

WordPress 3.0.4 has been released and it a critical update as it fixes an XSS vulnerability.

It is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as critical.
I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well.

If you are a security researcher, we’d appreciate you taking a look over this changeset as well to review our update. We’ve given it a lot of thought and review but since this is so core we want as many brains on it as possible. Thanks to Mauro Gentile and Jon Cave (duck_) who discovered and alerted us to these XSS vulnerabilities first.

Changelog: WordPress 3.0.4
Download: WordPress 3.0.4
Download: Modified files since WordPress 3.0.3

1 Star2 Stars3 Stars4 Stars5 Stars (138 votes, average: 3.83 out of 5)

3 thoughts on “WordPress 3.0.4”

  1. hi, would you tell me please where should I put the code in twentyten theme for your plugin wp-postviews to show me in every post after the author name the number of post views. Thanks

  2. for those of you who’d like to come out with the same results as I did put the code in the loop.php after twentyten_posted_on() in the “How to display all other posts.” section so look at my blog to see how it turns out

Comments are closed.