Title: Version 3.8.8 Published: May 17, 2019 --- # Version 3.8.8 ## In this article * [Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-8-8/?output_format=md#installation-update-information) * [Summary](https://wordpress.org/documentation/wordpress-version/version-3-8-8/?output_format=md#summary) * [List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-8-8/?output_format=md#list-of-files-revised) [ Back to top](https://wordpress.org/documentation/wordpress-version/version-3-8-8/?output_format=md#wp--skip-link--target) On May 6, 2015, WordPress 3.8.8 was released to the public, along with WordPress 4.2.2. This is both a security update for all previous WordPress versions, and a maintenance release for versions 3.8 and newer. ## 󠀁[Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-3-8-8/?output_format=md#installation-update-information)󠁿 To download WordPress 3.8.8, update automatically from the Dashboard > Updates menu in your site’s admin area or visit [https://wordpress.org/download/release-archive/](https://wordpress.org/download/release-archive/). For step-by-step instructions on installing and updating WordPress: * [Updating WordPress](https://wordpress.org/documentation/article/updating-wordpress/) If you are new to WordPress, we recommend that you begin with the following: * [New To WordPress – Where to Start](https://wordpress.org/documentation/article/new_to_wordpress_-_where_to_start/) * [First Steps With WordPress](https://wordpress.org/documentation/article/first-steps-with-wordpress/) or [Upgrading WordPress Extended](https://wordpress.org/documentation/article/upgrading-wordpress-extended-instructions/) * [WordPress Lessons](https://wordpress.org/documentation/article/wordpress-lessons/) ## 󠀁[Summary](https://wordpress.org/documentation/wordpress-version/version-3-8-8/?output_format=md#summary)󠁿 From the [announcement post](https://wordpress.org/news/2015/05/wordpress-4-2-2/), WordPress 3.8.8 fixes a cross-site scripting vulnerability contained in an HTML file shipped with recent Genericons packages included in the Twenty Fifteen theme as well as a number of popular plugins by removing the file. Auto-updates and manual updates will remove this file, however manual installations and those using VCS checkout (like SVN) will not remove this file. Version 3.8.8 also improves on a fix for a critical cross-site scripting vulnerability introduced in [3.8.7](https://codex.wordpress.org/Version_3.8.7). The release also includes hardening for a potential cross-site scripting vulnerability when using the Visual editor. WordPress 3.8.8 also contains fixes for 3 bugs from [3.8.7](https://codex.wordpress.org/Version_3.8.7), including: * Lowers memory usage for a regex checking for UTF-8 encoding * Fixes how WordPress checks for encoding when sending strings to MySQL ## 󠀁[List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-3-8-8/?output_format=md#list-of-files-revised)󠁿 ```wp-block-preformatted readme.html wp-admin/includes/update-core.php wp-admin/includes/upgrade.php wp-admin/about.phpwp-includes/compat.php wp-includes/version.php wp-includes/wp-db.php ``` First published May 17, 2019 Last updated