Version 3.0.2

On November 30, 2010, WordPress 3.0.2 was released to the public. This was a mandatory security update for all previous WordPress versions.

For version 3.0.2, the database version (db_version in wp_options) remained at 15477.

Installation/Update Information

To download WordPress 3.0.2, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

  • Fix moderate security issue where a malicious Author-level user could gain further access to the site. (r16625)

Other bugs and security hardening:

  • Remove pingback/trackback blogroll whitelisting feature as it can easily be abused. (#13887)
  • Fix canonical redirection for permalinks containing %category% with nested categories and paging. (#13471)
  • Fix occasional irrelevant error messages on plugin activation. (#15062)
  • Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin. (r16367r16373)
  • Clarify the license in the readme (r15534)
  • Multisite: Fix the delete_user meta capability (r15562)
  • Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins (#15122)
  • Multisite: Fix ms-files.php content type headers when requesting a URL with a query string (#14450)
  • Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installs (#14536)

List of Files Revised

wp-includes/ms-files.php 
wp-includes/version.php
wp-includes/comment.php
wp-includes/functions.php
wp-includes/load.php
wp-includes/canonical.php
wp-includes/capabilities.php
readme.html
wp-admin/includes/plugin.php
wp-admin/includes/file.php
wp-admin/includes/update-core.php
wp-admin/plugins.php

First published

Last updated