Version 4.3.1

On September 15, 2015, WordPress 4.3.1 was released to the public. This is a security update for all previous WordPress versions.

Installation/Update Information

To download WordPress 4.3.1, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

From the announcement post, WordPress 4.3.1 fixes two cross-site scripting vulnerabilities (CVE-2015-5714, CVE-2015-5715) and a potential privilege escalation.

In addition to the security fixes, WordPress 4.3.1 contains fixes for 26 bugs from 4.3, including:

  • Taxonomy: Arguments switched in wp_batch_split_terms Cron Job in Version 4.3 #33423
  • TinyMCE: Plugin wplink throw js TypeError: editor.wp undefined #33393
  • Customizer: Focusing a control outside of a panel when a panel is open results in a blank screen with no navigation back #33396
  • Users: Feature detect best event to use on password fields #33398
  • Users: Creating a new user without a password causes error message issues #33406
  • Customizer: remove_panel('nav_menus') action generates errors #33411
  • Customize: JS error when uploading small image as Site Icon and electing to Skip Cropping #33417
  • Users: Cancelling password update on user-profile fails #33419
  • Customizer: Toggling customizer controls based on another control does not work anymore in Version 4.3 #33428
  • Text Changes: Fix Period Position in wp-admin/about.php #33429
  • Widgets: Not displayed if no $instance data is set #33442
  • Taxonomy: wp_dropdown_categories doesn’t respect show_option_all #33452
  • Database: wpdb class method get_table_from_query() malfunctions if table name contains a dash (-#33470
  • Upgrade/Install: After upgrade to Version 4.3 unable to update plugins. #33480
  • Users: Documented $public_only parameter not passed to the get_usernumposts filter #33481
  • Upgrade/Install: Comments for Version 4.3 to be default “off” for pages but 1 remains #33490
  • Comments: Bug in Comment Quick Edit in smaller screen #33596
  • TinyMCE: Visual Editor freezing when multiple HTML tables are added to the post #33617
  • Formatting: wpautop breaks HTML comments #33645
  • Users: wp_new_user_notification breaking change. #33654
  • Customizer: Shift-clicking a widget in the preview doesn’t move focus #33695
  • Administration: Password label not focussing password field when clicked #33778
  • TinyMCE: Update to 4.2.5 #33782
  • Networks and Sites: “Attribute content to” dropdown missing when deleting a user in network admin #33811
  • Users: Import global $wp_hasher in wp_new_user_notification #33826

List of Files Revised

readme.html
wp-admin/about.php
wp-admin/css/forms-rtl.css
wp-admin/css/forms.css
wp-admin/css/list-tables-rtl.css
wp-admin/css/list-tables.css
wp-admin/css/login-rtl.min.css
wp-admin/css/login.min.css
wp-admin/css/wp-admin-rtl.min.css
wp-admin/css/wp-admin.min.css
wp-admin/includes/class-wp-filesystem-ssh2.php
wp-admin/includes/class-wp-ms-users-list-table.php
wp-admin/includes/class-wp-users-list-table.php
wp-admin/includes/template.php
wp-admin/includes/upgrade.php
wp-admin/includes/user.php
wp-admin/includes/version.php
wp-admin/js/customize-controls.js
wp-admin/js/customize-controls.min.js
wp-admin/js/customize-nav-menus.js
wp-admin/js/customize-nav-menus.min.js
wp-admin/js/edit-comments.js
wp-admin/js/edit-comments.min.js
wp-admin/js/user-profile.js
wp-admin/js/user-profile.min.js
wp-admin/network/site-new.php
wp-admin/network/site-users.php
wp-admin/network/user-new.php
wp-admin/network/users.php
wp-includes/category-template.php
wp-includes/class-wp-xmlrpc-server.php
wp-includes/default-widgets.php
wp-includes/formatting.php
wp-includes/js/tinymce/plugins/charmap/plugin.js
wp-includes/js/tinymce/plugins/charmap/plugin.min.js
wp-includes/js/tinymce/plugins/lists/plugin.js
wp-includes/js/tinymce/plugins/media/plugin.js
wp-includes/js/tinymce/plugins/media/plugin.min.js
wp-includes/js/tinymce/plugins/paste/plugin.js
wp-includes/js/tinymce/plugins/paste/plugin.min.js
wp-includes/js/tinymce/plugins/wpeditimage/plugin.js
wp-includes/js/tinymce/plugins/wpeditimage/plugin.min.js
wp-includes/js/tinymce/plugins/wplink/plugin.js
wp-includes/js/tinymce/plugins/wplink/plugin.min.js
wp-includes/js/tinymce/plugins/wpview/plugin.js
wp-includes/js/tinymce/plugins/wpview/plugin.min.js
wp-includes/js/tinymce/skins/lightgray/content.inline.min.css
wp-includes/js/tinymce/skins/lightgray/content.min.css
wp-includes/js/tinymce/skins/lightgray/skin.ie7.min.css
wp-includes/js/tinymce/skins/lightgray/skin.min.css
wp-includes/js/tinymce/themes/modern/theme.js
wp-includes/js/tinymce/themes/modern/theme.min.js
wp-includes/js/tinymce/tinymce.min.js
wp-includes/js/tinymce/wp-tinymce.js.gz
wp-includes/js/wp-ajax-response.js
wp-includes/js/wp-ajax-response.min.js
wp-includes/media.php
wp-includes/pluggable.php
wp-includes/shortcodes.php
wp-includes/taxonomy.php
wp-includes/user.php
wp-includes/version.php
wp-includes/widgets.php
wp-includes/wp-db.php

First published

Last updated