20th April 2012, 16:02 #1
WordPress Releases Version 3.3.2 & WordPress 3.4 Beta 3
WordPress has just released the version 3.3.2, which is a security update that resolves a number of vulnerabilities found in previous releases. According to the announcement, three external libraries included in WordPress received security updates: Plupload, SWFUpload and SWFObject.
- Plupload (version 1.5.4), which WordPress uses for uploading media.
- SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
- SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.
WordPress 3.3.2 also addresses other issues that were fixed:
- Cross-site scripting vulnerability when making URLs clickable.
- Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.
- Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
Download WordPress 3.3.2 or update now from the Dashboard > Updates menu in your site’s admin area.
In addition to this release, WordPress 3.4 Beta 3 is also now available for download. Version 3.4 Beta 3 includes all of the fixes included in version 3.3.2 And while the build isn’t ready for the prime time, plugin and theme developers should already be working with it for testing.
Download WordPress 3.4 Beta 3
21st April 2012, 03:21 #2
Thanks. Upgraded the moment I saw the notification, yesterday. :0
21st April 2012, 05:02 #3
Good! That version of a WordPress is actually a security update & they have fixed 11 vulnerabilities in this version, which had been found in previous releases.
23rd April 2012, 23:08 #4
Thanks for the heads up! Just updated! A few days late, but it's been a LONG weekend!