It’s that time again, to upgrade all your WordPress installs. This morning the core team released WordPress 3.3.2 which includes security updates for three external libraries:
- Plupload (version 1.5.4), which WordPress uses for uploading media.
- SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
- SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.
Here are a few other bugs addressed in WordPress 3.3.2:
- Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances, disclosed by Jon Cave of our WordPress core security team, and Adam Backstrom.
- Cross-site scripting vulnerability when making URLs clickable, by Jon Cave.
- Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs. Thanks to Mauro Gentile for responsibly disclosing these issues to the security team.
Here is the official WordPress News release on WordPress.org.
So do it, go upgrade to WordPress 3.3.2 today!
If you have questions about your site security email Sucuri Info. Make sure to run a free malware scan with Sucuri SiteCheck.
Ashley Sand
Antony Garand
Luke Leal
Krasimir Konov
Rianna MacLeod
Bruno Zanelato
Denis Sinegubko
10 comments
Hasn’t this been out for a while? All my sites are already at 3.3.2, I it seems like i did that upgrade a month of so ago?
Hi Preston. It is likely 3.3.1 you’re referring to. 3.3.2 was just released this morning.
Thanks… it just started showing up correctly.
Thanks! Great Info
Thanks for the heads up. Go Chargers!
updated 🙂
http://www.cicekgonder.in sizlerde sevdiklerize çiçek gönder in. çiçek siparişi verin.
Comments are closed.