All WordPress customers that are hosted on my server have now been updated to WordPress 3.3.2. I have checked to make sure all plugins are working with the new update, but if you notice any problems with the latest update please contact me.
Whats included in the latest update?
The WordPress 3.3.2 update focuses on increasing security of three external libraries included within WordPress, these are:
- Plupload (version 1.5.4), which WordPress uses for uploading media
- SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins
- SWFObject, which WordPress previously used to embed Flash content in pages and posts, which might be in use by plugins and themes
As far as I’m aware all WordPress customers have access to a shortcode for adding shockwave flash movies into posts and pages so changes to the SWFObject shouldn’t affect you.
The WordPress update also addresses the following issues:
- Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances
- Cross-site scripting vulnerability when making URLs clickable
- Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs
For more information on the recent update you can view the official update log on the WordPress 3.3.2 Codex
