- Showing My Geek - http://blog.ogwatermelon.com -

WordPress 3.0.3 released today

This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.

These issues only affect sites that have remote publishing enabled.

Remote publishing is disabled by default, but you may have enabled it to use a remote publishing client such as one of the WordPress mobile apps. Fixes issues in the XML-RPC remote publishing interface which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish or delete posts.  I have already upgrade my blog but I have remote publishing turned off.  You can turn it off by unchecking the Atom and xml-rc check boxes by going to Settings and selecting Writing.

You can read more about the problem by reading the WordPress trac post at http://core.trac.wordpress.org/changeset/16803.

List of Files Revised

wp-includes/version.php
xmlrpc.php
readme.html
wp-admin/includes/update-core.php