WordPress.org

Codex

Interested in functions, hooks, classes, or methods? Check out the new WordPress Code Reference!

Version 3.0.2

On November 30, 2010, WordPress 3.0.2 was released to the public. This was a mandatory security update for all previous WordPress versions.

For version 3.0.2, the database version (db_version in wp_options) remained at 15477.

Installation/Update Information

To download WordPress 3.0.2, update automatically from the Dashboard > Updates menu in your site's admin area or visit http://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

  • Fix moderate security issue where a malicious Author-level user could gain further access to the site. (r16625)

Other bugs and security hardening:

  • Remove pingback/trackback blogroll whitelisting feature as it can easily be abused. (#13887)
  • Fix canonical redirection for permalinks containing %category% with nested categories and paging. (#13471)
  • Fix occasional irrelevant error messages on plugin activation. (#15062)
  • Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin. (r16367, r16373)
  • Clarify the license in the readme (r15534)
  • Multisite: Fix the delete_user meta capability (r15562)
  • Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins (#15122)
  • Multisite: Fix ms-files.php content type headers when requesting a URL with a query string (#14450)
  • Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installs (#14536)

List of Files Revised

wp-includes/ms-files.php
wp-includes/version.php
wp-includes/comment.php
wp-includes/functions.php
wp-includes/load.php
wp-includes/canonical.php
wp-includes/capabilities.php
readme.html
wp-admin/includes/plugin.php
wp-admin/includes/file.php
wp-admin/includes/update-core.php
wp-admin/plugins.php
See also: other WordPress Versions.