Wordpress version 4.3.1 released

WordPress Updated to Version 4.3.1

What does it mean for you?

WordPress regularly provides updates to users, and these updates come in the form of a new, slightly altered version of WordPress. While most updates have little to no obvious effect on the use of WordPress and its basic functionality, some updated do in fact require some explanation. For example, a previous update of WordPress completely redesigned the once-familiar dashboard, requiring a bit of re-learning on the part of developers and everyday users alike. This update, to version 4.3.1, is slightly different. It is, in large part, a security update, and is of great importance for all users of WordPress, whether they be seasoned veterans or first-time users.

What’s New in Version 4.3.1?

Version 4.3.1 includes a slew of new bug fixes, as well as some major infrastructure changes that are, for the most part, related to the security of websites running WordPress.  

Security Updates

Here are the major areas affected by the update to WordPress version 4.3.1:  

Shortcodes

A fix has been included in version 4.3.1 that remedies an exploit found in the use of shortcodes. Shortcodes are shortcuts, in a sense, for placing more complex bits of PHP into a webpage’s content. They appear as "[shortcode_name]", for example, where “shortcode_name” is the name of the function being referenced. The shortcode will output content based on the pre-programmed parameters. They are commonly used with plugins. For example: the shortcode "[woo_product id=”123”]" (just a fake example), could display an image, product title, and price for a particular product in WooCommerce. Version 4.3.1 fixes an issue with cross-site scripting vulnerabilities, which is simply a flaw in which someone can inject your site with malicious code via another site, without your knowledge.  

Posts

WordPress’s update to version 4.3.1 also targeted a security vulnerability that allowed a user with limited privileges to possibly publish a private post. While this is a less-troubling issue than the shortcode vulnerability, it still presents a problem for sites who have multiple users, and users with varying levels of permission. Before the fix (and only in some cases), a top-level user could, ostensibly, create a private post which could then be opened and published by a user with lower privileges. This should not be possible, according to WordPress security standards. A top level user’s posts, set to private, should not be able to be published by a user with lower privileges. The security update has fixed this issue.  

Other Bug Fixes

In addition to the security updates, WordPress regularly releases minor bug fixes. These are usually small glitches that users or programmers have discovered, or patches/updates for the ever changing world of internet technology. This part of the update rarely applies to items related to security.  
Lastly, remember to always backup your files and databases before updating WordPress! And, if you’re wondering if you should update to the latest version, the answer is always – yes! Failing to update WordPress regularly could result in security gaps, vulnerability, and loss of files and information. If you’re unsure about how, or what to update, don’t hesitate to contact Rockland Web Design.
Categories
General Blog / 89
How to Program Your Life / 1
Archive
December 2007 / 4
January 2008 / 2
May 2008 / 2
June 2008 / 2
July 2008 / 1
November 2008 / 3
December 2008 / 2
January 2009 / 3
March 2009 / 1
June 2009 / 1
July 2009 / 1
November 2009 / 1
December 2009 / 1
March 2010 / 3
May 2010 / 2
August 2010 / 1
September 2010 / 1
January 2011 / 1
February 2011 / 2
March 2011 / 2
June 2011 / 4
August 2011 / 2
September 2011 / 4
November 2011 / 1
May 2012 / 1
June 2012 / 1
November 2012 / 1
January 2013 / 1
February 2013 / 2
March 2013 / 3
November 2013 / 1
December 2013 / 1
May 2014 / 2
November 2014 / 1
February 2015 / 1
March 2015 / 1
May 2015 / 1
June 2015 / 1
July 2015 / 5
August 2015 / 4
September 2015 / 2
November 2015 / 1
May 2017 / 1
September 2017 / 3
October 2017 / 3
November 2017 / 1
February 2018 / 3
August 2018 / 1
November 2018 / 1