We’ve issued a new hotfix via the VaultPress plugin that closes a recently identified security issue in WordPress. WordPress 3.0.3, released yesterday, fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.
For VaultPress customers who haven’t yet been able to update WordPress to 3.0.3, the hotfix we’ve released will keep your site protected from this security issue. You should still update WordPress to 3.0.3 as soon as possible.
Both Basic and Premium VaultPress customers should already have been automatically updated to the latest version of the plugin, v. 0.0890. You can verify the version number by visiting your site’s WordPress dashboard, then viewing your plugins page. If your VaultPress plugin version is lower than 0.0890, you can then update the plugin manually by logging into your VaultPress dashboard, and downloading the latest version of the VaultPress plugin. Or, just contact the VaultPress Safekeeper team and we’ll take care of updating the plugin for you. We can also help you enable automatic updates to the VaultPress plugin.