Version History of WordPress 3.0.2

  • Fixed moderate security issue where a malicious Author-level user could gain further access to the site.
  • Remove pingback/trackback blogroll whitelisting feature as it can easily be abused.

Other Fixed Issues

  • URL not secured in wp-trackback.php
  • Pagination in Blog Post Won't Display Past Page 1
  • ms-files.php generates bad content-types for REQUEST_URI's with query string
  • VHOST both deprecated and required for upgraded MU installs
  • Correct license notice
  • Plugin fatal error yields irrelevant error message from WordPress
  • current_user_can_for_blog() doesn't use map_meta_cap for multisite user admins
  • comment_whitelist checking in check_comment
  • Constant UPLOADS not working for the main site if MULTISITES is not enabled

List of Files Revised

  • wp-includes/ms-files.php
  • wp-includes/version.php
  • wp-includes/comment.php
  • wp-includes/functions.php
  • wp-includes/load.php
  • wp-includes/canonical.php
  • wp-includes/capabilities.php
  • readme.html
  • wp-admin/includes/plugin.php
  • wp-admin/includes/file.php
  • wp-admin/includes/update-core.php
  • wp-admin/plugins.php