Popular blogging platform WordPress on Monday released version 3.0.5 to patch a number of vulnerabilities that could allow a contributor- or author-level user to execute cross-site scripting
attacks or siphon sensitive information.
The company stated that the update also improves security of plug-ins "which were not properly leveraging our security API." US-CERT recommends that WordPress users install the update
. – GM