Users are advised that WordPress 3.0.3 has just been released and is a security update. This release fixes issues in the XML-RPC remote publishing interface.
This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.
If you have remote publishing enabled on your site you are urged to upgrade. You can do so easily via the built-in automatic upgrade feature. If upgrading the old fashioned way is your cup of tea here is the list of revised files …
wp-includes/version.php
xmlrpc.php
readme.html
wp-admin/includes/update-core.php
is it critical? im planing delay my update.
Hi dgrut,
Depends on your definition of critical I suppose. If remote publishing is enabled then anyone with Author and/or Contributor status can, under certain circumstances, “…improperly edit, publish, or delete posts.”
Why would you want to wait? Updating takes mere seconds now. 🙂
well, i decided to update Even my remote publishing is off. Cheers.. 😀
There’s rarely a good reason not to upgrade, especially for security releases. Plus it’s so easy and fast!
this is only a threat if you have a site with multiple authors, and you don’t trust then and make them be allowed only to mess with their own posts
if you admin a site with that style and 1 of its authors is a hacker, he may wanna play admin in your site and test how serious is your backup system
yup, currently im single author, even though an update must have some values added. So updates is important.
Agreed. Single authors create singular problems here. I don’t trust people enough to have multiple admins as of yet.
If you want to do a manual update, all you need to do is copy wp-includes/version.php and
xmlrpc.php. Unless you’re really concerned that your readme.html reflects the new version 🙂
What’s the use of updating when de last releases since 3.0.1 don’t even function properly?
Hi Rene,
Releases since 3.0.1 work flawlessly for me as they do for most people. What problems have you been encountering?
Hi Len,
When installing 3.0.1 gives me a lot of white screens when I want to add a User or want to change publishingdates wysiwyg doesn’t work at all and more problems.
For more info you can look here http://pannenenkoeken.nl/phpinfo.php
Hi Rene,
With respect to the Visual Editor, are you using the Safari browser by any chance? If so, there is a section in the Codex that deals with that problem.
http://codex.wordpress.org/FAQ_Troubleshooting
If not, it almost sounds as if some of the files were not upgraded properly. Indeed, blank screens are usually indicative of PHP errors.
I would try a manual upgrade for the heck of it.
http://codex.wordpress.org/Upg.....s_Extended
Additionally, there is some good reading at the following link.
http://codex.wordpress.org/FAQ_Installation
Len,
I upgradet manually, but is doesn’t make any difference sadly.
Hi Rene,
I don’t really want the comment section to turn into a support thread. If you like you can post a query in our support forum. Myself, or someone else can take a look. If you’re not comfortable with posting in our forum have you tried the WordPress support forums?
Len,
I had no intention to turn this space into a support thread.
Then back to the fact dat WP issues al lot(to much imho) updates.
Rene,
Don’t take my previous reply the wrong way. We are more than happy to help you troubleshoot the problem, either in our forum or the WordPress forums. 🙂
Rrrr !!! i just updated to 3.0.2 and now they release another one ? >< !
I had to modify my entire theme to be compatible with 3 … i hope nothing happens to it when i update to 3.0.2.
Hi Lea,
3.0.2 and 3.0.3 are security releases, nothing more.