Attention Interested in functions, hooks, classes, or methods? Check out the new WordPress Code Reference!

Version 3.7.8

On May 6, 2015, WordPress 3.7.8 was released to the public, along with WordPress 4.2.2. This is both a security update for all previous WordPress versions, and a maintenance release for versions 3.7 and newer.

Installation/Update Information

To download WordPress 3.7.8, update automatically from the Dashboard > Updates menu in your site's admin area or visit https://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:


From the announcement post, WordPress 3.7.8 fixes a cross-site scripting vulnerability contained in an HTML file shipped with recent Genericons packages including in the Twenty Fifteen theme as well as a number of popular plugins, and improves on a fix for a critical cross-site scripting vulnerability introduced in 3.7.7.

The release also includes hardening for a potential cross-site scripting vulnerability when using the Visual editor.

WordPress 3.7.8 also contains fixes for 3 bugs from 3.7.7, including:

  • Lowers memory usage for a regex checking for UTF-8 encoding
  • Fixes how WordPress checks for encoding when sending strings to MySQL

List of Files Revised

See also: other WordPress Versions.