Today I got email from Matt saying wordpress 3.0.4 version is released and we must need to update the wordpress due the major security reasons. When I checked the following article I realized the how important is wordpress 3.0.4 version.

What Matt is saying at the end of 2010

My last message to you this year is an important but unfortunate one: we’ve fixed a pretty critical vulnerability in WordPress’ core HTML sanitation library, and because this library is used lots of places it’s important that everyone update as soon as possible.

I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well.

You can update in your dashboard, on the “updates” tab, or download the latest WordPress here:

wordpress 3.0.4

wordpress 3.0.4

What Major Changes wordpress did in this 3.0.4 version.

They resolved following issue:

Don’t be case sensitive to attribute names. Handle padded entities when checking for bad protocols. Normalize entities before checking for bad protocols in esc_url(). Props Mauro Gentile, duck_, miqrogroove

WordPress changes the following files.

  • wp-includes/formatting.php
  • wp-includes/kses.php

Written by Purab

My name is Purab, Here is my Personal Blog: I contributor of many wordpress plugins and Drupal Modules. I am core developer of Drupal. Connect to on LinkedIn or Follow @purab on Twitter or Follow me on Google+ or Write Mail to or Chat with me on Skype : purabdk

Leave a Comment

Your email address will not be published. Required fields are marked *