WordPress 3.0.4 Update Released

WordPress releases version 3.0.4 yesterday which closes a “critical” security vulnerability in how the KSES library is vulnerable to XSS (aka. Cross Site Scripting) attacks. XSS attacks are characters like ‘,<,>,; that can be embedded in URL’s or submitted in HTTP POST requests and can compromise an application possibly allowing an attacking application or user to execute malicious code and gain access to information or get into the web application itself.

As a web security professional myself I always recommend users to upgrade and patch immediately when critical vulnerabilities are found to reduce your chances of being vulnerable. Remember that most hacks occur because they leverage vulnerabilities that existed and already had a patch for. Once a vulnerability or security issue becomes public it increases the number of users who will try to exploit it on any system.

Read more about the WordPress 3.0.4 Version and upgrade your WordPress blog today.

I always remind readers to take a backup of their SQL database before upgrading. Do this with the WP-DBManager plugin or manually through the PHPMyAdmin application in your Hosting Provider account.

I have used the WordPress Dashboard automatic upgrade on 6 of the WordPress blog I administrate and it worked fine without issues.

-Dragon Blogger

Justin Germino
Working in the IT Industry for over 17 years starting with OS, Networking and then moving into web based technologies including authentication and online security. Dragon Blogger has unique insights and opinions to how the internet and web technology works. An Avid movie fan, video game fan and fan of trying anything and everything new.
Justin Germino

@dragonblogger

Content Creator/Owner of https://t.co/iWP6afuOc9 for Tech, Game, Entertainment and streamer at https://t.co/594fXMdMIA
Oliver loving his #cyberpowerpc rig https://t.co/oQO0R2cUCn - 1 hour ago
Justin Germino
Justin Germino
Share Feedback We Want to Hear From You