WordPress刚刚发布了新版本3.0.2，更新日志上看，这是一个安全更新版本，修复了潜在的作者级别权限的不可信用户进入，并修复了其它一些未列明的安全更新。目前后台一键升级已经推送，更新版本前不要忘记备份相关数据。

官方更新日志

• Posted November 30, 2010 by Mark Jaquith. Filed under Releases,Security.
• WordPress 3.0.2 is available and is a mandatory security update for all previous WordPress versions. Haiku has become traditional:
• Fixed on day zero
• One-click update makes you safe
• This used to be hard
• This maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!
• Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.