Among the external libraries used by WordPress that have also received security updates are Plupload and SWFUpload (for uploading media), and SWFObject (for embedding Flash content).
A number of additional security vulnerabilities have been addressed in WordPress 3.3.2:
- a limited privilege escalation that allowed site administrators to deactivate network-wide plugins when running a WordPress network under particular circumstances,
- a XSS vulnerability that was possible to exploit when making URLs clickable, and
- several other XSS flaws that affected the handling of post-comment redirects and URL filtering.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.