A new version of WordPress is available for download. WordPress version 3.3.1 includes a fix for a disclosed reflected cross-site scripting vulnerability reported by Joshua H., Hoang T., Stefan Zimmerman, Chris K and the GoDaddy team. It also includes 15 other fixes for several other bugs.

Even though the reflected cross-site scripting vulnerability is hard to reproduce, it might be used in targeted attacks. Therefore it is recommended to upgrade your WordPress installation at the earliest possible. More information on the new WordPress release can be found in the WordPress Codex.


Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.

  • Came to know the XSS is only when the users are using IP address for installing the CMS & not more than that .Is it true?

    • Hi Mark, it is true. Though I wouldn’t risk it. If you have no specific reason upgrade to the latest version.

  • Hello i am new on wordpress platform, and have a query.
    1.I have 3.2.1 wordpress.
    2.Before i upgrade to 3.3.1 do i have to do anything special eg save all my data before i upgrade.
    3.If i have to save my settings and my whole site before i upgrade,How do i do that??

    • Hi Wayne,

      Thank you for getting in touch. For such generic questions I would recommend you to post them on our community driven forums; http://www.websitedefender.com/forums. As regards the upgrade, it is a MUST to always do backup (not just for WordPress) when upgrading a software. To make a WordPress backup you can simply use your hosting provider’s backup features.

  • G’day to you,

    I have just upgraded to Version 3.3.1 and to my horror seem to have lost my page edit workspace, it shows no text in VISUAL mode, but the word counter tells me there is in fact text in that workspace.

    When I switch to HTML mode, lo and behold, there it all is. I hoofed it to another computer that uses IE8 and the text appears in VISUAL mode. I realised at that point that the computer I was working on uses Chrome.

    Obviously a browser issue. Is this a known issue and how can I fix this?

    I looked in the forums and it seems a few people are having the same issue, however their solutions are waaaaay beyond my abilities to comprehend, let alone fix.

    Where to now?

    Hope to hear from you soon,

    Kind regards

  • Comments are closed.