New WordPress update a must for users
Posted on 23 April 2012.
A new stable version of the popular free open source blogging tool WordPress is available for download, and users are advised to do get a move on and install it, as it's a security update for all previous versions.

Among the external libraries used by WordPress that have also received security updates are Plupload and SWFUpload (for uploading media), and SWFObject (for embedding Flash content).

A number of additional security vulnerabilities have been addressed in WordPress 3.3.2:
  • a limited privilege escalation that allowed site administrators to deactivate network-wide plugins when running a WordPress network under particular circumstances,
  • a XSS vulnerability that was possible to exploit when making URLs clickable, and
  • several other XSS flaws that affected the handling of post-comment redirects and URL filtering.
Current users can download the update from the Dashboard -> Updates menu in their site’s admin area.






Spotlight

(IN)SECURE Magazine issue 45 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Tue, Mar 3rd
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //