• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

WordPress 3.3.2 Security Fixes

LPH

Flight Director
Flight Instructor
WordPress 3.3.2 is now available for update.

From the site:

Three external libraries included in WordPress received security updates:​
  • Plupload (version 1.5.4), which WordPress uses for uploading media.​
  • SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.​
  • SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.​
WordPress 3.3.2 also addresses:​
  • Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.​
  • Cross-site scripting vulnerability when making URLs clickable.​
  • Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.​
 
Top