On September 6, 2012, WordPress 3.4.2 was released to the public. This is a maintenance and security update.
Version 3.4.2 fixes a few security issues and contains some security hardening. These issues were discovered and addressed by the WordPress security team:
- Fix unfiltered HTML capabilities in multisite.
- Fix possible privilege escalation in the Atom Publishing Protocol endpoint.
- Allow operations on network plugins only through the network admin.
- Hardening: Simplify error messages when uploads fail.
- Hardening: Validate a parameter passed to wp_get_object_terms().