If you haven’t upgraded your WordPress installation to the latest version WordPress 3.3.2, stop what you’re doing and upgrade now! If you can’t do the upgrade right now, don’t delay and do it as soon as you can. WordPress 3.3.2 which was released a few days ago is a security update which makes it mandatory if you want to keep your blog/website safe and running smoothly.
Here are the affected libraries that received security updates:
- Plupload (version 1.5.4), which WordPress uses for uploading media.
- SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
- SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.
WordPress 3.3.2 also includes the following fixes:
- Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
- Cross-site scripting vulnerability when making URLs clickable.
- Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.
Users can download WordPress 3.3.2 to upgrade manually or do it automatically via the WordPress admin panel – Dashboard > Updates. Don’t forget to make it a habit to backup your WordPress database and deactivate all plugins before upgrading.
Since I was pretty busy during the weekend, I was only able to upgrade my WordPress installation earlier today. The upgrade process went smoothly and so far, there’s been no problems or compatibility issues with any of the plugins that I’m running on the site.
Aside from WordPress 3.3.2, the dev team has also released WordPress 3.4 Beta 3 which includes about 90 fixes/changes since Beta 2. Again, please take note that WordPress 3.4 Beta 3 is only for testing purposes and shouldn’t be used/installed on live sites. For those testing the software, please make sure to report any bugs that you find.
Anybody else upgraded to WordPress 3.3.2? Did you experience any problems or issues during and/or after the upgrade? Anyone trying out WordPress 3.4 Beta 3? Please share your thoughts?