On 3 April, 2018, WordPress 4.0.23 was released to the public.
To download WordPress 4.0.23, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.
For step-by-step instructions on installing and updating WordPress:
If you are new to WordPress, we recommend that you begin with the following:
- New To WordPress – Where to Start
- First Steps With WordPress or Upgrading WordPress Extended
- WordPress Lessons
From the WordPress 4.9.5 release post, WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team’s ongoing commitment to security hardening, the following fixes have been implemented:
- Don’t treat localhost as same host by default.
- Use safe redirects when redirecting the login page if SSL is forced.
- Make sure the version string is correctly escaped for use in generator tags.
List of Files Revised
/wp-login.php /wp-includes/general-template.php /wp-includes/http.php