New WordPress update a must for users
Posted on 23 April 2012.
A new stable version of the popular free open source blogging tool WordPress is available for download, and users are advised to do get a move on and install it, as it's a security update for all previous versions.

Among the external libraries used by WordPress that have also received security updates are Plupload and SWFUpload (for uploading media), and SWFObject (for embedding Flash content).

A number of additional security vulnerabilities have been addressed in WordPress 3.3.2:
  • a limited privilege escalation that allowed site administrators to deactivate network-wide plugins when running a WordPress network under particular circumstances,
  • a XSS vulnerability that was possible to exploit when making URLs clickable, and
  • several other XSS flaws that affected the handling of post-comment redirects and URL filtering.
Current users can download the update from the Dashboard -> Updates menu in their site’s admin area.






Spotlight

101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Feb 10th
    COPYRIGHT 1998-2016 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //