• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

WordPress Security Release – Upgrade to 3.3.2 TODAY

April 20, 2012Dre Armeda

0
SHARES
FacebookTwitterSubscribe

It’s that time again, to upgrade all your WordPress installs. This morning the core team released WordPress 3.3.2 which includes security updates for three external libraries:

  • Plupload (version 1.5.4), which WordPress uses for uploading media.
  • SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
  • SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.

Here are a few other bugs addressed in WordPress 3.3.2:

  • Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances, disclosed by Jon Cave of our WordPress core security team, and Adam Backstrom.
  • Cross-site scripting vulnerability when making URLs clickable, by Jon Cave.
  • Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs. Thanks to Mauro Gentile for responsibly disclosing these issues to the security team.

Here is the official WordPress News release on WordPress.org.

So do it, go upgrade to WordPress 3.3.2 today!


If you have questions about your site security email Sucuri Info. Make sure to run a free malware scan with Sucuri SiteCheck.

0
SHARES
FacebookTwitterSubscribe

Categories: Security Advisory, Website Security, WordPress Security

About Dre Armeda

Dre Armeda was Sucuri’s founding CEO and Co-Founder who helped start up the company in 2010. Today, Dre is Sr. Director of Technical Program Management and serves as Head of Technical Program Management (TPM) for GoDaddy's Partners Business. As head of TPM, Dre leads the PMO and Program Delivery Teams, ultimately driving all the program management functions and supporting our partners. When Dre isn't executing strategic initiatives at GoDaddy, you can find him on the mat training in Jiu Jitsu as a Carlson Gracie brown belt. Connect with Dre on Twitter.

Reader Interactions

Comments

  1. prestoniscrazy

    April 20, 2012

    Hasn’t this been out for a while? All my sites are already at 3.3.2, I it seems like i did that upgrade a month of so ago?

    • Andres Armeda

      April 20, 2012

      Hi Preston. It is likely 3.3.1 you’re referring to. 3.3.2 was just released this morning.

      • prestoniscrazy

        April 20, 2012

        Thanks… it just started showing up correctly.

  2. Martin

    April 20, 2012

    Thanks! Great Info

  3. Mike From Maine

    April 20, 2012

    Thanks for the heads up. Go Chargers!

  4. Connectandroid

    April 21, 2012

    updated 🙂

  5. Cicek Gonder

    June 28, 2012

    http://www.cicekgonder.in sizlerde sevdiklerize çiçek gönder in. çiçek siparişi verin.

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

2019 Threat Report

WordPress Security Course

WordPress Security Guide

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2020 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.