Among the external libraries used by WordPress that have also received security updates are Plupload and SWFUpload (for uploading media), and SWFObject (for embedding Flash content).
A number of additional security vulnerabilities have been addressed in WordPress 3.3.2:
- a limited privilege escalation that allowed site administrators to deactivate network-wide plugins when running a WordPress network under particular circumstances,
- a XSS vulnerability that was possible to exploit when making URLs clickable, and
- several other XSS flaws that affected the handling of post-comment redirects and URL filtering.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.