This afternoon WordPress announced the release of version 3.1.4.
Most users were hoping that the next release would be WordPress 3.2 but an issue that could allow a malicious Editor-level user to gain further access to the site had to be fixed before 3.2 was released.
The official statement from WordPress was:
“This release fixes an issue that could allow a malicious Editor-level user to gain further access to the site. Thanks K. Gudinavicius of SEC Consult for bringing this to our attention. Version 3.1.4 also incorporates several other security fixes and hardening measures thanks to the work of WordPress developers Alexander Concha and Jon Cave of our security team. Consult the change log for more details.”
If you need help updating your WordPress feel free to contact us.