WordPress.org

Ready to get started?Download WordPress

Codex

Version 3.3.2

On April 20, 2012, WordPress 3.3.2 was released to the public. This is a maintenance and security update.

For version 3.3.2, the database version (db_version in wp_options) remained at 19470.

Installation/Update Information

To download WordPress 3.3.2, update automatically from the Dashboard > Updates menu in your site's admin area or visit http://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

Three external libraries included in WordPress received security updates:

  • Plupload (version 1.5.4), which WordPress uses for uploading media.
  • SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
  • SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.

WordPress 3.3.2 also addresses:

  • Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
  • Cross-site scripting vulnerability when making URLs clickable.
  • Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.

A full log of the changes made for 3.3.2 can be found at http://core.trac.wordpress.org/changeset?new=20554%40branches%2F3.3&old=20087%40branches%2F3.3

List of Files Revised

readme.html
wp-comments-post.php
wp-admin/about.php
wp-admin/plugins.php
wp-admin/press-this.php
wp-admin/setup-config.php
wp-admin/includes/update-core.php
wp-includes/capabilities.php
wp-includes/formatting.php
wp-includes/kses.php
wp-includes/ms-functions.php
wp-includes/script-loader.php
wp-includes/version.php
wp-includes/wp-db.php
wp-includes/js/swfobject.js
wp-includes/js/plupload/changelog.txt
wp-includes/js/plupload/handlers.dev.js
wp-includes/js/plupload/plupload.js
wp-includes/js/plupload/plupload.flash.js
wp-includes/js/plupload/plupload.flash.swf
wp-includes/js/plupload/plupload.html4.js
wp-includes/js/plupload/plupload.html5.js
wp-includes/js/plupload/plupload.silverlight.js
wp-includes/js/plupload/plupload.silverlight.xap
wp-includes/js/swfupload/swfupload.swf
See also index of various WordPress Versions.