WordPress.org just announced the availability of the WP 3.0.3.
WordPress security fix was released today on 8th December 2010 shortly after the release of WP 3.0.2 on 1st december 2010.
WordPress 3.0.3 is security update for all previous WordPress versions.
The new release fixes issues in the remote publishing interface. The bug allowed author and contributor level users in certain circumstances to improperly edit, publish or delete posts.
Please note, these issues affects the sites that have remove publishing enabled only.
Remote publishing is disabled by default in wordpress but can be enabled by some users. To confirm if remote publishing is enabled or disabled, goto: Settings > Writing and check for xml-prc settings.
You can Download WordPress 3.0.3 here or update automatically from the “Dashboard → Updates” screen in your site’s admin area.