Title: Version 3.3.3
Published: May 19, 2019

---

# Version 3.3.3

## In this article

 * [Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-3-3/?output_format=md#installation-update-information)
 * [Summary](https://wordpress.org/documentation/wordpress-version/version-3-3-3/?output_format=md#summary)
 * [List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-3-3/?output_format=md#list-of-files-revised)

[ Back to top](https://wordpress.org/documentation/wordpress-version/version-3-3-3/?output_format=md#wp--skip-link--target)

On June 27, 2012, **Version 3.3.3** was released for those who haven’t yet updated
to the 3.4 branch. It was an unannounced security fix release. At the same time,
[Versi](https://codex.wordpress.org/Version_3.4.1)[o](https://wordpress.org/wordpress-version/version-3-4-1/?output_format=md)
[n 3.4.1](https://codex.wordpress.org/Version_3.4.1) was released to the public.

This is a security update for all previous WordPress versions.

For version 3.3.3, the database version (**db_version** in **wp_options**) remained
at 19470.

## 󠀁[Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-3-3/?output_format=md#installation-update-information)󠁿

To download WordPress 3.3.3, visit [https://wordpress.org/download/release-archive/](https://wordpress.org/download/release-archive/).

For step-by-step instructions on installing and updating WordPress:

 * [Updating WordPress](https://wordpress.org/documentation/article/updating-wordpress/)

If you are new to WordPress, we recommend that you begin with the following:

 * [New To WordPress – Where to Start](https://wordpress.org/documentation/article/new_to_wordpress_-_where_to_start/)
 * [First Steps With WordPress](https://wordpress.org/documentation/article/first-steps-with-wordpress/)
   or [Upgrading WordPress Extended](https://wordpress.org/documentation/article/upgrading-wordpress-extended-instructions/)
 * [WordPress Lessons](https://wordpress.org/documentation/article/wordpress-lessons/)

## 󠀁[Summary](https://wordpress.org/documentation/wordpress-version/version-3-3-3/?output_format=md#summary)󠁿

Version 3.3.3 was released at the same time as [Version 3.4.1](https://wordpress.org/wordpress-version/version-3-4-1/?output_format=md)
to address security vulnerabilities affecting the 3.3 branch that were fixed in 
either [Version 3.4](https://wordpress.org/wordpress-version/version-3-4/?output_format=md)
or [Version 3.4.1](https://wordpress.org/wordpress-version/version-3-4-1/?output_format=md):

 * Cross-Site Scripting: Fix persistent XSS via editable slug fields. (Also fixed
   in 3.4.0.)
 * Hardening: Deprecate wp_explain_nonce(), which could reveal unnecessary information.(
   Also fixed in 3.4.1.)
 * Hardening: Require a child theme to be activated with its intended parent only.(
   Also fixed in 3.4.1.)
 * Information Disclosure: Restrict some post IDs when dealing with media uploading,
   which could leak some info (or attach media to a post the user doesn’t have privileges
   to). (Also fixed in 3.4.0.)
 * Information Disclosure: Hide post excerpts when the user cannot read the whole
   post (e.g. a contributor can’t read someone else’s draft beyond the title). (
   Also fixed in 3.4.0.)
 * XSS Hardening: Escape the output of get_pagenum_link(). Note that this function
   was previously considered to have returned unescaped data, so this was not a 
   vulnerability, but an enhancement. (Also fixed in 3.4.0.)
 * CSRF Hardening: Prevent unfiltered HTML in comments when there is potential for
   clickjacking (i.e. when the front-end of the site is loaded in a frame). (Also
   fixed in 3.4.0.)

For the complete list of changesets: [https://core.trac.wordpress.org/log/branches/3.3?rev=21147&stop_rev=21082&verbose=on](https://core.trac.wordpress.org/log/branches/3.3?rev=21147&stop_rev=21082&verbose=on)

## 󠀁[List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-3-3/?output_format=md#list-of-files-revised)󠁿

    ```wp-block-preformatted
    wp-includes/default-filters.php wp-includes/version.php wp-includes/functions.php wp-includes/link-template.php wp-includes/capabilities.php readme.html wp-admin/includes/class-wp-posts-list-table.php wp-admin/includes/class-wp-upgrader.php wp-admin/includes/update-core.php wp-admin/includes/class-wp-themes-list-table.php wp-admin/media-upload.php wp-admin/about.php wp-admin/themes.php
    ```

First published

May 19, 2019

Last updated