Title: Version 4.6.1
Author: Subrata Sarkar
Published: January 23, 2019

---

# Version 4.6.1

## In this article

 * [Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-4-6-1/?output_format=md#installation-update-information)
 * [Summary](https://wordpress.org/documentation/wordpress-version/version-4-6-1/?output_format=md#summary)
 * [List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-4-6-1/?output_format=md#list-of-files-revised)

[ Back to top](https://wordpress.org/documentation/wordpress-version/version-4-6-1/?output_format=md#wp--skip-link--target)

On 7 Sept, 2016, WordPress 4.6.1 was released to the public.

## 󠀁[Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-4-6-1/?output_format=md#installation-update-information)󠁿

To download WordPress 4.6.1, update automatically from the Dashboard > Updates menu
in your site’s admin area or visit [https://wordpress.org/download/release-archive/](https://wordpress.org/download/release-archive/).

For step-by-step instructions on installing and updating WordPress:

 *  [Updating WordPress](https://wordpress.org/documentation/article/updating-wordpress/)

If you are new to WordPress, we recommend that you begin with the following:

 *  [New To WordPress – Where to Start](https://wordpress.org/support/article/new_to_wordpress_-_where_to_start/?output_format=md)
 *  [First Steps With WordPress](https://wordpress.org/support/article/first-steps-with-wordpress/?output_format=md)
   or [Upgrading WordPress Extended](https://wordpress.org/documentation/article/upgrading-wordpress-extended-instructions/)
 *  [WordPress Lessons](https://wordpress.org/support/article/wordpress-lessons/?output_format=md)

## 󠀁[Summary](https://wordpress.org/documentation/wordpress-version/version-4-6-1/?output_format=md#summary)󠁿

From the [WordPress 4.6.1 release post](https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/):
WordPress versions 4.6 and earlier are affected by two security issues: a cross-
site scripting vulnerability via image filename, reported by SumOfPwn researcher
Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader,
reported by Dominik Schilling from the WordPress security team.

WordPress 4.6.1 also fixes 15 bugs from [Version 4.6](https://codex.wordpress.org/Version_4.6),
including:

Bootstrap/Load

 * [#37680](https://core.trac.wordpress.org/ticket/37680) – PHP Warning: ini_get_all()
   has been disabled for security reasons

Database

 * [#37683](https://core.trac.wordpress.org/ticket/37683) – $collate and $charset
   can be undefined in wpdb::init_charset()
 * [#37689](https://core.trac.wordpress.org/ticket/37689) – Issues with utf8mb4 
   collation and the 4.6 update

Editor

 * [#37690](https://core.trac.wordpress.org/ticket/37690) – Backspace causes jumping

Email

 * [#37736](https://core.trac.wordpress.org/ticket/37736) – Emails fail on certain
   server setups

External Libraries

 * [#37700](https://core.trac.wordpress.org/ticket/37700) – Warning: curl_exec()
   has been disabled for security reasons (Requests library)
 * [#37720](https://core.trac.wordpress.org/ticket/37720) – The minified version
   of the Masonry shim was not updated in [#37666](https://core.trac.wordpress.org/ticket/37666)(
   Masonry library)

HTTP API

 * [#37733](https://core.trac.wordpress.org/ticket/37733) – cURL error 3: malformed
   for remote requests
 * [#37768](https://core.trac.wordpress.org/ticket/37768) – HTTP API no longer accepts
   integer and float values for the cookies argument

Post Thumbnails

 * [#37697](https://core.trac.wordpress.org/ticket/37697) – Strange behavior with
   thumbnails on preview in 4.6

Script Loader

 * [#37800](https://core.trac.wordpress.org/ticket/37800) – Close “link rel” dns-
   prefetch tag

Taxonomy

 * [#37721](https://core.trac.wordpress.org/ticket/37721) – Improve error handling
   of is_object_in_term in taxonomy.php

Themes

 * [#37755](https://core.trac.wordpress.org/ticket/37755) – Visual Editor: Weird
   unicode (Vietnamese) characters display on WordPress 4.6

TinyMCE

 * [#37760](https://core.trac.wordpress.org/ticket/37760) – Problem with RTL

Upgrade/Install

 * [#37731](https://core.trac.wordpress.org/ticket/37731) – Infinite loop in _wp_json_sanity_check()
   during plugin install

## 󠀁[List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-4-6-1/?output_format=md#list-of-files-revised)󠁿

    ```wp-block-preformatted
    wp-admin/about.php
    wp-admin/js/editor-expand.js
    wp-admin/js/editor-expand.min.js
    wp-admin/includes/media.php
    wp-admin/includes/class-file-upload-upgrader.php
    wp-admin/includes/class-language-pack-upgrader.php
    wp-includes/wp-db.php
    wp-includes/pluggable.php
    wp-includes/script-loader.php
    wp-includes/general-template.php
    wp-includes/css/editor.css
    wp-includes/css/editor.min.css
    wp-includes/css/editor-rtl.css
    wp-includes/css/editor-rtl.min.css
    wp-includes/functions.php
    wp-includes/class-wp-editor.php
    wp-includes/taxonomy.php
    wp-includes/load.php
    wp-includes/version.php
    wp-includes/class-http.php
    wp-includes/js/tinymce/skins/wordpress/wp-content.css
    wp-includes/js/jquery/jquery.masonry.min.js
    wp-includes/Requests/Transport/cURL.php
    wp-includes/revision.php
    wp-content/plugins
    readme.html
    ```

First published

January 23, 2019

Last updated