Version 3.1.3

On May 25, 2011, WordPress 3.1.3 was released to the public. This is a security update for all previous WordPress versions.

For version 3.1.3, the database version (db_version in wp_options) remained at 17516.

Installation/Update Information

To download WordPress 3.1.3, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

  • Various security hardening by Alexander Concha.
  • Taxonomy query hardening by John Lamansky.
  • Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros.
  • Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
  • Improves file upload security on hosts with dangerous security settings.
  • Cleans up old WordPress import files if the import does not finish.
  • Introduce “clickjacking” protection in modern browsers on admin and login pages.

List of Files Revised

readme.html
wp-login.php
wp-app.php
wp-includes/default-filters.php
wp-includes/taxonomy.php
wp-includes/post.php
wp-includes/theme.php
wp-includes/functions.php
wp-includes/formatting.php
wp-includes/canonical.php
wp-includes/class-oembed.php
wp-includes/meta.php
wp-includes/version.php
wp-admin/admin-ajax.php
wp-admin/includes/post.php
wp-admin/includes/class-wp-plugins-list-table.php
wp-admin/includes/import.php
wp-admin/includes/template.php
wp-admin/includes/media.php
wp-admin/ms-delete-site.php
wp-admin/custom-header.php
wp-admin/plugins.php
wp-admin/press-this.php
wp-admin/custom-background.php

First published

Last updated