There’s a new security update to WordPress 3.1.x which fixes a hole which would allow a user with Editor rights to get themselves higher level access. This kind of elevation of privilege attack is generally regarded as a Bad Thing. If, like me, you’re the only user of your WordPress site, then you’ll be less concerned about that particular hole, but there are some other security fixes, so it’s worth installing.
And for those brave enough to play with release candidates, RC3 is now available, and it includes the same fix.
Actual release of WordPress 3.2 should now be very soon – probably within the next couple of days unless something major breaks…
Full details and links from the official announcement: