Title: Version 3.7.8
Published: May 19, 2019

---

# Version 3.7.8

## In this article

 * [Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-7-8/?output_format=md#installation-update-information)
 * [Summary](https://wordpress.org/documentation/wordpress-version/version-3-7-8/?output_format=md#summary)
 * [List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-7-8/?output_format=md#list-of-files-revised)

[ Back to top](https://wordpress.org/documentation/wordpress-version/version-3-7-8/?output_format=md#wp--skip-link--target)

On May 6, 2015, WordPress 3.7.8 was released to the public, along with WordPress
4.2.2. This is both a security update for all previous WordPress versions, and a
maintenance release for versions 3.7 and newer.

## 󠀁[Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-7-8/?output_format=md#installation-update-information)󠁿

To download WordPress 3.7.8, update automatically from the Dashboard > Updates menu
in your site’s admin area or visit [https://wordpress.org/download/release-archive/](https://wordpress.org/download/release-archive/).

For step-by-step instructions on installing and updating WordPress:

 * [Updating WordPress](https://wordpress.org/documentation/article/updating-wordpress/)

If you are new to WordPress, we recommend that you begin with the following:

 * [New To WordPress – Where to Start](https://wordpress.org/documentation/article/new_to_wordpress_-_where_to_start/)
 * [First Steps With WordPress](https://wordpress.org/documentation/article/first-steps-with-wordpress/)
   or [Upgrading WordPress Extended](https://wordpress.org/documentation/article/upgrading-wordpress-extended-instructions/)
 * [WordPress Lessons](https://wordpress.org/documentation/article/wordpress-lessons/)

## 󠀁[Summary](https://wordpress.org/documentation/wordpress-version/version-3-7-8/?output_format=md#summary)󠁿

From the [announcement post](https://wordpress.org/news/2015/05/wordpress-4-2-2/),
WordPress 3.7.8 fixes a cross-site scripting vulnerability contained in an HTML 
file shipped with recent Genericons packages including in the Twenty Fifteen theme
as well as a number of popular plugins, and improves on a fix for a critical cross-
site scripting vulnerability introduced in [3.7.7](https://codex.wordpress.org/Version_3.7.7).

The release also includes hardening for a potential cross-site scripting vulnerability
when using the Visual editor.

WordPress 3.7.8 also contains fixes for 3 bugs from [3.7.7](https://codex.wordpress.org/Version_3.7.7),
including:

 * Lowers memory usage for a regex checking for UTF-8 encoding
 * Fixes how WordPress checks for encoding when sending strings to MySQL

## 󠀁[List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-7-8/?output_format=md#list-of-files-revised)󠁿

    ```wp-block-preformatted
    readme.html wp-includes/wp-db.php wp-includes/version.php wp-includes/compat.php wp-admin/includes/update-core.php wp-admin/includes/upgrade.php wp-admin/about.php
    ```

First published

May 19, 2019

Last updated