=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN511
_____________________________________________________________________

DATE                      : 09/12/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running WordPress versions prior to 3.0.3.

======================================================================
http://wordpress.org/news/2010/12/wordpress-3-0-3/
______________________________________________________________________


WordPress 3.0.3
Posted December 8, 2010 by Peter Westwood. Filed under Releases,Security.

WordPress 3.0.3 is available and is a security update for all previous WordPress versions.

This release fixes issues in the remote publishing interface, which under
certain circumstances allowed Author- and Contributor-level users to
improperly edit, publish, or delete posts.

These issues only affect sites that have remote publishing enabled.

Remote publishing is disabled by default, but you may have enabled it
to use a remote publishing client such as one of the WordPress mobile
apps. You can check these settings on the “Settings → Writing” screen.

Download 3.0.3 or update automatically from the “Dashboard → Updates”
screen in your site’s admin area.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================