Wordpress LogoWordPress 3.0.2 is available and is a mandatory security update for all previous WordPress versions.

This maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!

Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.

http://wordpress.org/news/?p=1550