The WordPress.org development team has released version 3.0.5 of its open source blogging and publishing platform, a maintenance and security update that addresses two vulnerabilities; these could have allowed a Contributor- or Author-level user to gain further access to the site. An information disclosure issue has also been fixed that allowed Author-level users to view the contents of posts which they should not be able to see, such as draft and private posts.
Source
Source
