Version 4.7.9

From the WordPress 4.9.2 release post: WordPress versions 4.9 and earlier are affected by an XSS vulnerability in the Flash fallback files in MediaElement 4.x. The following fixes have been implemented in this release:

  1. Upgrade: When deleting old files, if deletion fails attempt to empty the file instead. (#42963)
  2. External Libraries: Remove unnecessary / obsoleted MediaElement.js files. (#42720)

List of files revised

 wp-admin/about.php
wp-admin/includes/update-core.php
wp-includes/js/mediaelement/silverlightmediaelement.xap
wp-includes/js/mediaelement/flashmediaelement.swf
wp-includes/version.php

First published

Last updated