WordPress: Kemaskini keselamatan versi 3.3.2

Assalamualaikum dan selamat malam,

ini sekadar artikel ringkas nak ingatkan kepada rakan-rakan yang masih belum mengemaskini versi WordPress masing-masing. Versi 3.3.2 ini membawakan kemaskini keselamatan yang penting antaranya,

Three external libraries included in WordPress received security updates:

• Plupload (version 1.5.4), which WordPress uses for uploading media.
• SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
• SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.

WordPress 3.3.2 also addresses:

• Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
• Cross-site scripting vulnerability when making URLs clickable.
• Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.

Baca butiran lanjut di sini