WordPress 3.0.3 Released : Important to Upgrade Immediately

[GatorFord]

For anyone running versions of WordPress lower than 3.0.2, we highly recommend at this point that you upgrade, as versions lower than 3.0.2 contain security flaws that could lead to exploitation of your WordPress blog :

http://wordpress.org/news/2010/11/wordpress-3-0-2/

Most of the WordPress updates are very easy, and if you are least running a version of 2.7.x or higher you should see an update link in your dashboard to automatically update this. Keep in mind some plugins you're using may or may not be compatible with the new version, so it's always important to take backups of both your WordPress MySQL database as well as your public_html directory or subdirectory that WordPress is installed in before making any major changes like an upgrade.

If you have any questions about upgrading WordPress they have excellent documentation at http://codex.wordpress.org/Updating_WordPress and if you are still unsure, please don't hesitate to contact support AT hostgator.com with any questions you may have.

[virtvir5]

Thanks for posting the alert. I would have expected Wordpress to have mastered SQL injection vulnerability long ago, but I suppose 3.0 involved a lot of re-coding.

[M@rc]

Thanks for the information. I wasn't planning to upgrade, but after this information, I'm going to right away.

[weserver]

m@rc ->

You should *always* update a CMS like Joomla og WordPress whenever there's an update. There's *almost always* security fixes in the updates - and when they are in the wild, they *will* get exploited very fast. Hackers reverse engineer the code changes from one version to the next to see what the developers are changing - thereby finding out what the prolem is. Skilled hackers can create attack-code from this :-(

so when an update is availble - UPDATE !

[M@rc]

Quote:

Originally Posted by weserver

m@rc ->

You should *always* update a CMS like Joomla og WordPress whenever there's an update. There's *almost always* security fixes in the updates - and when they are in the wild, they *will* get exploited very fast. Hackers reverse engineer the code changes from one version to the next to see what the developers are changing - thereby finding out what the prolem is. Skilled hackers can create attack-code from this :-(

so when an update is availble - UPDATE !

@webserver,

I already know those reasons. I wasn't planning to upgrade yesterday, because I wasn't planning to log into cPanel to make copies of the current database ( for that day ) , if something went wrong with the upgrade.

But, I've upgraded by Wordpress blog, yesterday,

[GatorFord]

It appears 3.0.3 has come out today, again customers with WordPress are urged to upgrade to 3.0.3 :

WordPress 3.0.3
Posted December 8, 2010 by Peter Westwood. Filed under
Releases,Security.
WordPress 3.0.3 is available and is a security update for all previous
WordPress versions.

This release fixes issues in the remote publishing interface, which
under certain circumstances allowed Author- and Contributor-level users
to improperly edit, publish, or delete posts.

These issues only affect sites that have remote publishing enabled.

Remote publishing is disabled by default, but you may have enabled it to
use a remote publishing client such as one of the WordPress mobile apps.
You can check these settings on the “Settings → Writing” screen.

Download 3.0.3 or update automatically from the “Dashboard → Updates”
screen in your site’s admin area.

[codingbeaver]

The current version is 3.0.5. Every WordPress site is recommended to upgrade to the latest version. The built-in automatic update in WordPress is the easiest way to upgrade to newer version, and is as simple as one click.

[leemary34]

Thank you for informing us of the new updates and schedules.