WordPress

WordPress 3.3.2 Release Notes

WordPress officially released WordPress 3.3.2 today.

Here are the official WordPress 3.3.2 release notes:

Three external libraries included in WordPress received security updates:

  • Plupload (version 1.5.4), which WordPress uses for uploading media.
  • SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
  • SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.

WordPress 3.3.2 also addresses:

  • Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
  • Cross-site scripting vulnerability when making URLs clickable.
  • Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.

A full log of the changes made for 3.3.2 can be found at http://core.trac.wordpress.org/changeset?new=20550%40branches%2F3.3&old=20087%40branches%2F3.3

Related posts