WordPress 3.0.2 disponibil de ziua Romaniei

Se pare ca s-a fixat un bug in care userul de tip “author” isi putea insusi drepturi mai multe. Poti descarca ultima versiune de wordpress direct de la ei de pe site: http://wordpress.org/download/
Mai jos lista de lucruri fixate:

Summary

* Fix moderate security issue where a malicious Author-level user could gain further access to the site. (r16625)

Other bugs and security hardening:

* Remove pingback/trackback blogroll whitelisting feature as it can easily be abused. (#13887)
* Fix canonical redirection for permalinks containing %category% with nested categories and paging. (#13471)
* Fix occasional irrelevant error messages on plugin activation. (#15062)
* Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin. (r16367, r16373)
* Clarify the license in the readme (r15534)
* Multisite: Fix the delete_user meta capability (r15562)
* Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins (#15122)
* Multisite: Fix ms-files.php content type headers when requesting a URL with a query string (#14450)
* Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installs (#14536)

No comments yet.

Leave a Comment