WordPress.org

Codex

Interested in functions, hooks, classes, or methods? Check out the new WordPress Code Reference!

Version 3.1.3

On May 25, 2011, WordPress 3.1.3 was released to the public. This is a security update for all previous WordPress versions.

For version 3.1.3, the database version (db_version in wp_options) remained at 17516.

Installation/Update Information

To download WordPress 3.1.3, update automatically from the Dashboard > Updates menu in your site's admin area or visit http://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

  • Various security hardening by Alexander Concha.
  • Taxonomy query hardening by John Lamansky.
  • Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros.
  • Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
  • Improves file upload security on hosts with dangerous security settings.
  • Cleans up old WordPress import files if the import does not finish.
  • Introduce “clickjacking” protection in modern browsers on admin and login pages.

List of Files Revised

readme.html
wp-login.php
wp-app.php
wp-includes/default-filters.php
wp-includes/taxonomy.php
wp-includes/post.php
wp-includes/theme.php
wp-includes/functions.php
wp-includes/formatting.php
wp-includes/canonical.php
wp-includes/class-oembed.php
wp-includes/meta.php
wp-includes/version.php
wp-admin/admin-ajax.php
wp-admin/includes/post.php 
wp-admin/includes/class-wp-plugins-list-table.php 
wp-admin/includes/import.php 
wp-admin/includes/template.php 
wp-admin/includes/media.php
wp-admin/ms-delete-site.php
wp-admin/custom-header.php
wp-admin/plugins.php 
wp-admin/press-this.php 
wp-admin/custom-background.php 
See also: other WordPress Versions.