Version 3.9.6

Zhuozuran讨论 | 贡献2016年5月6日 (五) 06:12的版本 (1个版本)
(差异) ←上一版本 | 最后版本 (差异) | 下一版本→ (差异)
跳转至: 导航搜索

On May 6, 2015, WordPress 3.9.6 was released to the public, along with WordPress 4.2.2. This is both a security update for all previous WordPress versions, and a maintenance release for versions 4.1 and newer.

Installation/Update Information

To download WordPress 3.9.6, update automatically from the Dashboard > Updates menu in your site's admin area or visit

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:


From the announcement post, WordPress 3.9.6 fixes a cross-site scripting vulnerability contained in an HTML file shipped with recent Genericons packages included in the Twenty Fifteen theme as well as a number of popular plugins by removing the file. Auto-updates and manual updates will remove this file, however manual installations and those using VCS checkout (like SVN) will not remove this file. Version 3.9.6 also improves on a fix for a critical cross-site scripting vulnerability introduced in 3.9.5.

The release also includes hardening for a potential cross-site scripting vulnerability when using the Visual editor.

WordPress 3.9.6 also contains fixes for 3 bugs from 3.9.5, including:

  • Lowers memory usage for a regex checking for UTF-8 encoding
  • Fixes how WordPress checks for encoding when sending strings to MySQL

List of Files Revised