October 28, 2016

Security Update: WordPress 3.1.4. Released

The WordPress team has released WordPress 3.1.4. This release is a security update for all previous WordPress versions.

This new release fixes a security issue that could allow an intruder in Editor-level user to gain further access to the site. The vulnerability has been discovered by K. Gudinavicius and reported to the WordPress development team.

Also include in WordPress version 3.1.4 other security fixes and hardening measures.

List of Files Revised

  • readme.html
  • wp-settings.php
  • wp-includes/taxonomy.php
  • wp-includes/post.php
  • wp-includes/version.php
  • wp-includes/bookmark.php
  • wp-includes/wp-db.php
  • wp-includes/formatting.php
  • wp-includes/script-loader.php
  • wp-content/themes/twentyten/languages/twentyten.pot
  • wp-admin/includes/post.php
  • wp-admin/includes/deprecated.php
  • wp-admin/includes/update-core.php
  • wp-admin/includes/media.php
  • wp-admin/js/user-profile.dev.js
  • wp-admin/js/user-profile.js
  • wp-admin/custom-header.php
  • wp-admin/options-general.php

All WordPress website administrators are encouraged to upgrade to this latest version. You can update automatically from the Dashboard > Updates menu in your site’s admin area or download 3.1.4 directly.