WordPress 4.3.1 has been released and available for download or update in your WordPress dashboard. This is the first maintenance release of 4.3 ("Billie"), addressed a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
Download WordPress
WordPress 4.3.1 is available for download or update in WordPress dashboard. Sites that support automatic background updates will be updated to WordPress 4.3.1 . For a full description of the system requirements, and the download links, see: Download WordPress 4.3.1
Details
WordPress is an open source CMS, often used as a blog publishing application powered by PHP and MySQL. It has many features including a plugin architecture and a templating system. Used by over 300 of the 10,000 biggest websites, WordPress is the most popular blog software in use today.
It was first released in May 2003 by Matt Mullenweg as a fork of b2/cafelog. As of September 2009, it was being used by 202 million websites worldwide.
WordPress 4.3 "Billie" includes new features that make it even easier to format your content and customize your site. More details can be found here.
What's new in WordPress 4.3.1
Version 4.3.1 addresses the following security issues:
- WordPress versions 4.3 and earlier are vulnerable to a cross-site scripting vulnerability when processing shortcode tags (CVE-2015-5714).
- A separate cross-site scripting vulnerability was found in the user list table.
- Finally, in certain cases, users without proper permissions could publish private posts and make them sticky (CVE-2015-5715).
The full details of changes that are in WordPress 4.3.1 is available in the changelog.
Source:
WordPress News
No comments:
Post a Comment