Two days ago, the WordPress dev team released WordPress 3.0.5 which is a security hardening update that includes security enhancements like improved security of any plugins that didn’t properly leverage security API, additional in-depth defense against vulnerabilities, fix for a information disclosure issue that could’ve allowed author-level users to view content of drafts & private posts and a bug fix for an issue that could’ve allowed contributor or author-level users to gain further access to the website/blog.
WordPress 3.0.5 did its job of fixing the security issues and bugs but it also created a small glitch that stripped advanced HTML from comments. Here’s Mark Jaquith’s explanation about the WordPress 3.0.5 bug.
One of the security fixes for WordPress 3.0.5 was overzealous. It fixed the issue, but it also stripped advanced HTML (on display, not save, thankfully) from comments by people with the unfiltered_html capability. It’s sort of a rare bug – doesn’t apply to multisite installs, and not many people know that Editors and Administrators on single WP installs can use images etc in comments, so we don’t think it warrants another release.
To address/fix this issue, the Akismet team included the hotfix with the release of Akismet 2.5.3. If you’re not using Akismet, you can use the newly created plugin called Hotfix that fixes the WordPress 3.0.5 bug. You might want to keep this plugin for future use as it is designed to fix selected bugs that might come with future versions of WordPress.
Still haven’t upgraded to WordPress 3.0.5? Common now! It only takes a few minutes of your time and it will save you a ton of headaches and problems. Better safe than sorry folks!
You can download WordPress 3.0.5 manually from WordPress.org or do it automatically via the WordPress admin panel — Dashboard > Updates. If you do upgrade your WordPress installation, don’t forget to download the latest version of Akismet or the Hotfix plugin so you won’t get bitten by the WordPress 3.0.5 bug.
Anybody here who’s already upgraded to WordPress 3.0.5? Anyone had issues with the WordPress 3.0.5 bug?
JaypeeOnline started out as a personal blog back in 2002 as a place for the author to share his experiences & rants. After a few years, the author learned more about blogging and saw its potential so he decided to become serious and focus on a specific niche. Since the author loved computers and gadgets, Technology was the obvious choice.
This blog features the latest & popular Technology stories and other related topics that are featured in different categories - Gadgets, Freeware, Internet, Social Media and SEO just to mention a few. As a long-time and avid user of WordPress, the author also features a lot of WordPress-related stories and updates.
Aside from the author, this blog also features articles from guest bloggers. If you are interested in submitting your article/s and want it to be published here at JaypeeOnline, please read the Guest Post Guidelines.
More details on the About page.