Saturday, April 21, 2012

  Latest version of Wordpress Blogging Platform, Wordpress Version 3.3.2 Has Released. This is a Security Update moreover an major update. And so this Update Has Resolved A Number Of Vulnerabilities That Found In The Previous Releases.

   As per the announcement of Wordpress, three external libraries that wordpress consists received security updates: Plupload, SWFUpload and SWFObject. Those fixed vulnerabilities were discovered by Neal Poole, Nathan Partlan and Szymon Gruszecki. This update also deals with fixing bugs that found by Organization's Core Security Team. Five more bugs are fixed among with the following fixes (You can read more Here.)

  • Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances, disclosed by Jon Cave of our WordPress core security team, and Adam Backstrom.
  • Cross-site scripting vulnerability when making URLs clickable, by Jon Cave.
  • Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs. Thanks to Mauro Gentile for responsibly disclosing these issues to the security team.

   Wordpress v3.4 Beta 3 is also released among with this update. You can now Download Wordpress 3.4 Beta 3. or use the WordPress Beta Tester plugin. But for this version, Plugins, and theme developers are still in developing condition. And so please do not use this beta version in productive websites rather than for theme developing or plugin development. 

   You Can Download Wordpress 3.3.2 From Here Or update now from the Dashboard → Updates menu in your site’s admin area.