On June 29, 2011, WordPress 3.1.4 was released to the public. This is a maintenance and security update for all previous WordPress versions.
For version 3.1.4, the database version (db_version in wp_options) remained at 17516.
Installation/Update Information
To download WordPress 3.1.4, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.
For step-by-step instructions on installing and updating WordPress:
If you are new to WordPress, we recommend that you begin with the following:
- New To WordPress – Where to Start
- First Steps With WordPress or Upgrading WordPress Extended
- WordPress Lessons
Summary
From the Announcement blog: “This release fixes an issue that could allow a malicious Editor-level user to gain further access to the site. Thanks K. Gudinavicius of SEC Consult for bringing this to our attention. Version 3.1.4 also incorporates several other security fixes and hardening measures thanks to the work of WordPress developers Alexander Concha and Jon Cave of our security team.”
List of Files Revised
readme.html
wp-settings.php
wp-includes/taxonomy.php
wp-includes/post.php
wp-includes/version.php
wp-includes/bookmark.php
wp-includes/wp-db.php
wp-includes/formatting.php
wp-includes/script-loader.php
wp-content/themes/twentyten/languages/twentyten.pot
wp-admin/includes/post.php
wp-admin/includes/deprecated.php
wp-admin/includes/update-core.php
wp-admin/includes/media.php
wp-admin/js/user-profile.dev.js
wp-admin/js/user-profile.js
wp-admin/custom-header.php
wp-admin/options-general.php