Version 4.9.2

Languages: English • 4.9.2 日本語 (Add your language)

On 16 January, 2018, WordPress 4.9.2 was released to the public.

Installation/Update Information

To download WordPress 4.9.2, update automatically from the Dashboard > Updates menu in your site's admin area or visit https://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

Updating WordPress

If you are new to WordPress, we recommend that you begin with the following:

Summary

From the WordPress 4.9.2 release post: WordPress versions 4.9 and earlier are affected by an XSS vulnerability in the Flash fallback files in MediaElement 4.x, a library that is included with WordPress 4.9.

In addition to the security issue above, WordPress 4.9.2 contains 22 bug fixes.

Bundled Theme

#42820 - Twenty Seventeen -watch that language

Customize

#42492 - Selecting menu location changes line height
#42871 - Features box textstrings in Feature Filter area need new linebreak

Database

#42812 - Use MySQLi when available by default

Editor

#42664 - Editor link autocomplete suggestions: no fallback title displayed for posts with no title
#43012 - Cannot Update Post in Firefox Due to Editor and TinyMCE JavaScript TypeErrors

External Libraries

#42439 - Update random_compat external library for PHP 7 linting failure

Formatting

#42578 - PHP functions inside <p> tags creates new <p> tag, breaking the parent tag into two.

Media

#42225 - Whitelist Flac Files
#42447 - Mark test_remove_orientation_data_on_rotate as skipped when exif_read_data isn't available
#42480 - Consistent suppression of `getimagesize()` errors
#42720 - Remove unnecessary MediaElement.js files

Plugins

#43082 - Add plugins search results: the plugin details modal opens in the thickbox modal

REST API

#42828 - Hard-coded 403 status in REST response should use `rest_authorization_required_code()`

Taxonomy

#42771 - WP_Term::get_instance() regression for non-category terms queried with 'category' taxonomy
#42605 - category_description() does not work properly since 4.9
#42717 - get_category_link() accepting object but not id

TinyMCE

#42416 - Code assumes iframe mode, exception in inline mode

Upgrade/Install

#42963 - Improve deletion of $_old_files during upgrades

Widgets

#42603 - Widgets Warning after activating theme and on dashboard widgets page
#42719 - Always attempt to restore widgets' previous assignment
#42867 - HTML Widget: toggleClass() should be passed true/false as second param

List of Files Revised

wp-admin/includes/update-core.php
wp-admin/includes/media.php
wp-admin/includes/image.php
wp-admin/css/customize-nav-menus.min.css
wp-admin/css/common-rtl.css
wp-admin/css/common-rtl.min.css
wp-admin/css/common.css
wp-admin/css/customize-nav-menus-rtl.css
wp-admin/css/customize-nav-menus-rtl.min.css
wp-admin/css/common.min.css
wp-admin/css/customize-nav-menus.css
wp-admin/js/plugin-install.min.js
wp-admin/js/editor.js
wp-admin/js/plugin-install.js
wp-admin/js/editor.min.js
wp-admin/js/widgets/custom-html-widgets.min.js
wp-admin/js/widgets/custom-html-widgets.js
wp-admin/theme-install.php
wp-admin/about.php
wp-includes/default-filters.php
wp-includes/rest-api/class-wp-rest-server.php
wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
wp-includes/wp-db.php
wp-includes/customize/class-wp-customize-themes-section.php
wp-includes/js/mce-view.js
wp-includes/js/mce-view.min.js
wp-includes/js/mediaelement/mediaelement-flash-video-hls.swf
wp-includes/js/mediaelement/mediaelement-flash-video-mdash.swf
wp-includes/js/mediaelement/lang/cs.js
wp-includes/js/mediaelement/lang/es.js
wp-includes/js/mediaelement/lang/fr.js
wp-includes/js/mediaelement/lang/hr.js
wp-includes/js/mediaelement/lang/ko.js
wp-includes/js/mediaelement/lang/nl.js
wp-includes/js/mediaelement/lang/pl.js
wp-includes/js/mediaelement/lang/hu.js
wp-includes/js/mediaelement/lang/it.js
wp-includes/js/mediaelement/lang/sk.js
wp-includes/js/mediaelement/lang/zh-cn.js
wp-includes/js/mediaelement/lang/uk.js
wp-includes/js/mediaelement/lang/ro.js
wp-includes/js/mediaelement/lang/zh.js
wp-includes/js/mediaelement/lang/ca.js
wp-includes/js/mediaelement/lang/pt.js
wp-includes/js/mediaelement/lang/ru.js
wp-includes/js/mediaelement/lang/fa.js
wp-includes/js/mediaelement/lang/de.js
wp-includes/js/mediaelement/lang/sv.js
wp-includes/js/mediaelement/lang/ja.js
wp-includes/js/mediaelement/lang
wp-includes/js/mediaelement/mediaelement-flash-audio.swf
wp-includes/js/mediaelement/mediaelement-flash-video.swf
wp-includes/js/mediaelement/renderers/dailymotion.js
wp-includes/js/mediaelement/renderers/facebook.js
wp-includes/js/mediaelement/renderers/dailymotion.min.js
wp-includes/js/mediaelement/renderers/facebook.min.js
wp-includes/js/mediaelement/renderers/soundcloud.js
wp-includes/js/mediaelement/renderers/soundcloud.min.js
wp-includes/js/mediaelement/renderers/twitch.js
wp-includes/js/mediaelement/renderers/twitch.min.js
wp-includes/js/mediaelement/mediaelement-flash-audio-ogg.swf
wp-includes/js/tinymce/plugins/wplink/plugin.js
wp-includes/js/tinymce/plugins/wplink/plugin.min.js
wp-includes/js/tinymce/wp-tinymce.js.gz
wp-includes/category-template.php
wp-includes/widgets.php
wp-includes/functions.php
wp-includes/media.php
wp-includes/random_compat/random_bytes_mcrypt.php
wp-includes/random_compat/random_bytes_dev_urandom.php
wp-includes/random_compat/random_bytes_openssl.php
wp-includes/random_compat/random_int.php
wp-includes/random_compat/random_bytes_libsodium.php
wp-includes/random_compat/random_bytes_com_dotnet.php
wp-includes/random_compat/random_bytes_libsodium_legacy.php
wp-includes/version.php
wp-content/plugins
wp-content/themes/twentyseventeen/front-page.php
license.txt

WordPress.org

Codex

Version 4.9.2

Installation/Update Information

Summary

List of Files Revised

Codex Resources