On September 15, 2015, WordPress 4.3.1 was released to the public. This is a security update for all previous WordPress versions.
Installation/Update Information
To download WordPress 4.3.1, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.
For step-by-step instructions on installing and updating WordPress:
If you are new to WordPress, we recommend that you begin with the following:
- New To WordPress – Where to Start
- First Steps With WordPress or Upgrading WordPress Extended
- WordPress Lessons
Summary
From the announcement post, WordPress 4.3.1 fixes two cross-site scripting vulnerabilities (CVE-2015-5714, CVE-2015-5715) and a potential privilege escalation.
In addition to the security fixes, WordPress 4.3.1 contains fixes for 26 bugs from 4.3, including:
- Taxonomy: Arguments switched in
wp_batch_split_terms
Cron Job in Version 4.3 #33423 - TinyMCE: Plugin wplink throw js TypeError: editor.wp undefined #33393
- Customizer: Focusing a control outside of a panel when a panel is open results in a blank screen with no navigation back #33396
- Users: Feature detect best event to use on password fields #33398
- Users: Creating a new user without a password causes error message issues #33406
- Customizer:
remove_panel('nav_menus')
action generates errors #33411 - Customize: JS error when uploading small image as Site Icon and electing to Skip Cropping #33417
- Users: Cancelling password update on user-profile fails #33419
- Customizer: Toggling customizer controls based on another control does not work anymore in Version 4.3 #33428
- Text Changes: Fix Period Position in
wp-admin/about.php
#33429 - Widgets: Not displayed if no
$instance
data is set #33442 - Taxonomy:
wp_dropdown_categories
doesn’t respectshow_option_all
#33452 - Database:
wpdb
class methodget_table_from_query()
malfunctions if table name contains a dash (-
) #33470 - Upgrade/Install: After upgrade to Version 4.3 unable to update plugins. #33480
- Users: Documented
$public_only
parameter not passed to theget_usernumposts
filter #33481 - Upgrade/Install: Comments for Version 4.3 to be default “off” for pages but 1 remains #33490
- Comments: Bug in Comment Quick Edit in smaller screen #33596
- TinyMCE: Visual Editor freezing when multiple HTML tables are added to the post #33617
- Formatting:
wpautop
breaks HTML comments #33645 - Users:
wp_new_user_notification
breaking change. #33654 - Customizer: Shift-clicking a widget in the preview doesn’t move focus #33695
- Administration: Password label not focussing password field when clicked #33778
- TinyMCE: Update to 4.2.5 #33782
- Networks and Sites: “Attribute content to” dropdown missing when deleting a user in network admin #33811
- Users: Import global
$wp_hasher
inwp_new_user_notification
#33826
List of Files Revised
readme.html wp-admin/about.php wp-admin/css/forms-rtl.css wp-admin/css/forms.css wp-admin/css/list-tables-rtl.css wp-admin/css/list-tables.css wp-admin/css/login-rtl.min.css wp-admin/css/login.min.css wp-admin/css/wp-admin-rtl.min.css wp-admin/css/wp-admin.min.css wp-admin/includes/class-wp-filesystem-ssh2.php wp-admin/includes/class-wp-ms-users-list-table.php wp-admin/includes/class-wp-users-list-table.php wp-admin/includes/template.php wp-admin/includes/upgrade.php wp-admin/includes/user.php wp-admin/includes/version.php wp-admin/js/customize-controls.js wp-admin/js/customize-controls.min.js wp-admin/js/customize-nav-menus.js wp-admin/js/customize-nav-menus.min.js wp-admin/js/edit-comments.js wp-admin/js/edit-comments.min.js wp-admin/js/user-profile.js wp-admin/js/user-profile.min.js wp-admin/network/site-new.php wp-admin/network/site-users.php wp-admin/network/user-new.php wp-admin/network/users.php wp-includes/category-template.php wp-includes/class-wp-xmlrpc-server.php wp-includes/default-widgets.php wp-includes/formatting.php wp-includes/js/tinymce/plugins/charmap/plugin.js wp-includes/js/tinymce/plugins/charmap/plugin.min.js wp-includes/js/tinymce/plugins/lists/plugin.js wp-includes/js/tinymce/plugins/media/plugin.js wp-includes/js/tinymce/plugins/media/plugin.min.js wp-includes/js/tinymce/plugins/paste/plugin.js wp-includes/js/tinymce/plugins/paste/plugin.min.js wp-includes/js/tinymce/plugins/wpeditimage/plugin.js wp-includes/js/tinymce/plugins/wpeditimage/plugin.min.js wp-includes/js/tinymce/plugins/wplink/plugin.js wp-includes/js/tinymce/plugins/wplink/plugin.min.js wp-includes/js/tinymce/plugins/wpview/plugin.js wp-includes/js/tinymce/plugins/wpview/plugin.min.js wp-includes/js/tinymce/skins/lightgray/content.inline.min.css wp-includes/js/tinymce/skins/lightgray/content.min.css wp-includes/js/tinymce/skins/lightgray/skin.ie7.min.css wp-includes/js/tinymce/skins/lightgray/skin.min.css wp-includes/js/tinymce/themes/modern/theme.js wp-includes/js/tinymce/themes/modern/theme.min.js wp-includes/js/tinymce/tinymce.min.js wp-includes/js/tinymce/wp-tinymce.js.gz wp-includes/js/wp-ajax-response.js wp-includes/js/wp-ajax-response.min.js wp-includes/media.php wp-includes/pluggable.php wp-includes/shortcodes.php wp-includes/taxonomy.php wp-includes/user.php wp-includes/version.php wp-includes/widgets.php wp-includes/wp-db.php