
Yesterday; WordPress.Org has released WordPress 4.3.1 the new Security and Maintenance WordPress Release. WordPress.Org announced that a new WordPress release is now ready to download from the official site or you can easily update your old version for WordPress 4.3.1 from your admin panel. The new release is a security release for all previous WordPress versions.
This release comes to fix three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation.
- WordPress 4.3 and earlier versions are vulnerable to a cross-site scripting vulnerability when processing shortcode tags (CVE-2015-5714). This WordPress security issue was reported by Shahar Tal and Netanel Rubin of Check Point.
- Another separate cross-site scripting vulnerability was found in the user list table. This issue was reported by Ben Bidner of the WordPress security team.
- Finally, in certain cases, users without proper permissions could publish private posts and make them sticky (CVE-2015-5715). This issue was also reported by Shahar Tal and Netanel Rubin of “Check Point”.
WordPress 4.3.1 also fixes twenty-six bugs. For more information, see the release notes or consult the list of revised files below.
This is the list of the revised files in WordPress 4.3.1:
readme.html wp-admin/about.php wp-admin/css/forms-rtl.css wp-admin/css/forms.css wp-admin/css/list-tables-rtl.css wp-admin/css/list-tables.css wp-admin/css/login-rtl.min.css wp-admin/css/login.min.css wp-admin/css/wp-admin-rtl.min.css wp-admin/css/wp-admin.min.css wp-admin/includes/class-wp-filesystem-ssh2.php wp-admin/includes/class-wp-ms-users-list-table.php wp-admin/includes/class-wp-users-list-table.php wp-admin/includes/template.php wp-admin/includes/upgrade.php wp-admin/includes/user.php wp-admin/includes/version.php wp-admin/js/customize-controls.js wp-admin/js/customize-controls.min.js wp-admin/js/customize-nav-menus.js wp-admin/js/customize-nav-menus.min.js wp-admin/js/edit-comments.js wp-admin/js/edit-comments.min.js wp-admin/js/user-profile.js wp-admin/js/user-profile.min.js wp-admin/network/site-new.php wp-admin/network/site-users.php wp-admin/network/user-new.php wp-admin/network/users.php wp-includes/category-template.php wp-includes/class-wp-xmlrpc-server.php wp-includes/default-widgets.php wp-includes/formatting.php wp-includes/js/tinymce/plugins/charmap/plugin.js wp-includes/js/tinymce/plugins/charmap/plugin.min.js wp-includes/js/tinymce/plugins/lists/plugin.js wp-includes/js/tinymce/plugins/media/plugin.js wp-includes/js/tinymce/plugins/media/plugin.min.js wp-includes/js/tinymce/plugins/paste/plugin.js wp-includes/js/tinymce/plugins/paste/plugin.min.js wp-includes/js/tinymce/plugins/wpeditimage/plugin.js wp-includes/js/tinymce/plugins/wpeditimage/plugin.min.js wp-includes/js/tinymce/plugins/wplink/plugin.js wp-includes/js/tinymce/plugins/wplink/plugin.min.js wp-includes/js/tinymce/plugins/wpview/plugin.js wp-includes/js/tinymce/plugins/wpview/plugin.min.js wp-includes/js/tinymce/skins/lightgray/content.inline.min.css wp-includes/js/tinymce/skins/lightgray/content.min.css wp-includes/js/tinymce/skins/lightgray/skin.ie7.min.css wp-includes/js/tinymce/skins/lightgray/skin.min.css wp-includes/js/tinymce/themes/modern/theme.js wp-includes/js/tinymce/themes/modern/theme.min.js wp-includes/js/tinymce/tinymce.min.js wp-includes/js/tinymce/wp-tinymce.js.gz wp-includes/js/wp-ajax-response.js wp-includes/js/wp-ajax-response.min.js wp-includes/media.php wp-includes/pluggable.php wp-includes/shortcodes.php wp-includes/taxonomy.php wp-includes/user.php wp-includes/version.php wp-includes/widgets.php wp-includes/wp-db.php
WordPress 4.3.1 Requirements:
To run this new release of WordPress on your host you need these things listed below:
- Your PHP version must be 5.2.4 or greater (WordPress.org recommends: PHP 5.6 or greater)
- Your MySQL version must be 5.0 or greater (WordPress.org recommends: MySQL 5.5 or greater).
You can contact your host if your hosting plan includes the above requirements, or we recommends to choose one of our recommended WordPress Hosting companies to host your site or blog.
Download WordPress 4.3.1:
You can download WordPress 4.3.1 in two formats: .ZIP archive or .tar.gz archive directlly from these links:
Leave a Reply