Title: Version 3.8.23
Published: May 15, 2019

---

# Version 3.8.23

## In this article

 * [Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-8-23/?output_format=md#installation-update-information)
 * [Summary](https://wordpress.org/documentation/wordpress-version/version-3-8-23/?output_format=md#summary)
 * [List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-8-23/?output_format=md#list-of-files-revised)

[ Back to top](https://wordpress.org/documentation/wordpress-version/version-3-8-23/?output_format=md#wp--skip-link--target)

On 31 Oct, 2017, WordPress 3.8.23 was released to the public.

## 󠀁[Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-8-23/?output_format=md#installation-update-information)󠁿

To download WordPress 3.8.23, update automatically from the Dashboard > Updates 
menu in your site’s admin area or visit [https://wordpress.org/download/release-archive/](https://wordpress.org/download/release-archive/).

For step-by-step instructions on installing and updating WordPress:

 * [Updating WordPress](https://wordpress.org/documentation/article/updating-wordpress/)

If you are new to WordPress, we recommend that you begin with the following:

 * [New To WordPress – Where to Start](https://wordpress.org/documentation/article/new_to_wordpress_-_where_to_start/)
 * [First Steps With WordPress](https://wordpress.org/documentation/article/first-steps-with-wordpress/)
   or [Upgrading WordPress Extended](https://wordpress.org/documentation/article/upgrading-wordpress-extended-instructions/)
 * [WordPress Lessons](https://wordpress.org/documentation/article/wordpress-lessons/)

## 󠀁[Summary](https://wordpress.org/documentation/wordpress-version/version-3-8-23/?output_format=md#summary)󠁿

From the [WordPress 4.8.3 release post](https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/):
WordPress versions 4.8.2 and earlier are affected by an issue where `$wpdb->prepare()`
can create unexpected and unsafe queries leading to potential SQL injection (SQLi).
WordPress core is not directly vulnerable to this issue, but we’ve added hardening
to prevent plugins and themes from accidentally causing a vulnerability. Reported
by [Anthony Ferrara](https://twitter.com/ircmaxell).

This release includes a change in behaviour for the `esc_sql()` function. Most developers
will not be affected by this change, you can read more details in the [developer note](https://make.wordpress.org/core/2017/10/31/changed-behaviour-of-esc_sql-in-wordpress-4-8-3/).

## 󠀁[List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-8-23/?output_format=md#list-of-files-revised)󠁿

    ```wp-block-preformatted
    wp-admin/about.php wp-includes/post.php wp-includes/wp-db.php wp-includes/version.php
    ```

First published

May 15, 2019

Last updated