Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role. (r17397, r17406, r17412)
Fix XSS bug: Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role. (r17401)
Fix potential information disclosure of posts through the media uploader. Affects users of the Author role. (r17393)
Enhancement: Force HTML filtering on comment text in the admin (r17400)
Enhancement: Harden check_admin_referer() when called without arguments, which plugins should avoid. (r17387)
Update the license to GPLv2 (or later) and update copyright information for the KSES library.
List of Files Revised
wordpress3.0.4-upgradeto-3.0.5.zip (102.2 KB)