WordPress 3.0.2 is a mandatory security update for all previous WordPress versions.
This maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements.
Fixed on day zero
One-click update makes you safe
This used to be hard
Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.