Here is a critical upgrade for WordPress users or webmasters to secure the WordPress blog from being hacked. Today, WordPress team released a critical upgrade as WordPress 3.0.4 as a security update for XSS vulnerability. There was a bug in WordPress sanitation library called KSES which may cause XSS Vulnerability. That means, malicious attackers may put some client side script in your blog’s web pages which may revoke your access to the admin dashboard.
Thru Cross-site Scripting i.e. XSS, people can bypass the client side security mechanism and inject their script in your web pages or web applications. As per some reports on web, there are people who’s blogs were hacked due to such incident. Specially when you hosting server is not much secured, this kind of hack is possible without much effort. That’s why I always encourage newbies to avoid free hosting service providers. If you don’t want to spend much on hosting servers, then you should try free blogging platforms like Blogspot or WordPress.com.
Anyways, here is the link to download WordPress 3.0.4 and upgrade your WordPress files. You may try upgrading from dashboard by using Auto-upgrade option as well.