WordPress released security and maintenance update 4.3.1, on September fifteen two thousand and fifteen. This is an update for all previous versions of WordPress. It is highly recommended that you install this update as soon as possible, since it patches potential security vulnerabilities.
This WordPress security and maintenance update responds to three seperate issues, two cross site scripting vulnerabilities and one possible privilege escalation. Versions of WordPress 4.3 and earlier are predisposed to cross site scripting vulnerability when shortcode tags are processed. Another separate cross site scripting vulnerability was noticed in a user list table.
Third and final vulnerability is where by users without proper access permissions could publish private posts and make them permanently sticky. As an added bonus WordPress security and maintenance update fixes twenty six current bugs.
You can update your version of WordPress to 4.3 by clicking on your “Dashboard” if not already there. Then select “Updates”. Finally click on “Update Now”.
If your WordPress site was configured with automatic background updates, then you should already be updated to 4.3.1 Also, you can download update 4.3.1 directly from WordPress.org. Finally, check out this WordPress 4.3.1 update blog post for more details.