WordPress releases version 3.0.5 that fix several security issues. Along with this update, it comes with 2 security enhancements and hardening so WordPress users are strongly encourage to update immediately.

According to WordPress,

Two moderate security issues were fixed that could have allowed a Contributor- or Author-level user to gain further access to the site.

One information disclosure issue was addressed that could have allowed an Author-level user to view contents of posts they should not be able to see, such as draft or private posts.

Two security enhancements were added. One improved the security of any plugins which were not properly leveraging our security API. The other offers additional defense in depth against a vulnerability that was fixed in previous release.

Upgrade to WordPress 3.0.5 now!

Barely a week after 3.0.2 was released, WordPress releases version 3.0.3, a security update to fix several vulnerabilities in the current version.

According to WordPress,

This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.

These issues only affect sites that have remote publishing enabled.

Remote publishing is disabled by default, but you may have enabled it to use a remote publishing client such as one of the WordPress mobile apps. You can check these settings on the “Settings → Writing” screen.

Upgrade to WordPress 3.0.3 now!

WordPress has just released an urgent security release that fixes a bug that can be used to expose your draft posts. 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations.

Upgrade your WordPress version now to remove these vulnerabilities.

Also, a small feature has been included along with this release which allows you to define the error message when WordPress fails to connect to your database. Simply place  your custom template at wp-content/db-error.php.

How to upgrade?

1. WordPress 3 Step Upgrade OR
2. Techie Buzz’s WordPress Automatic Upgrade plugin (the obvious choice )