{"id":11098468,"date":"2019-02-05T09:37:42","date_gmt":"2019-02-05T09:37:42","guid":{"rendered":"https:\/\/wordpress.org\/support\/?post_type=helphub_version&amp;p=11098468"},"modified":"2019-02-05T09:37:42","modified_gmt":"2019-02-05T09:37:42","slug":"version-4-5-5","status":"publish","type":"helphub_version","link":"https:\/\/wordpress.org\/documentation\/wordpress-version\/version-4-5-5\/","title":{"rendered":"Version 4.5.5"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">On 11 Jan, 2017, WordPress 4.5.5 was released to the public.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Installation\/Update Information<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">To download WordPress 4.5.5, update automatically from the Dashboard &gt; Updates menu in your site&#8217;s admin area or visit&nbsp;<a href=\"https:\/\/wordpress.org\/download\/release-archive\/\">https:\/\/wordpress.org\/download\/release-archive\/<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For step-by-step instructions on installing and updating WordPress:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/wordpress.org\/documentation\/article\/updating-wordpress\/\">Updating WordPress<\/a><\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">If you are new to WordPress, we recommend that you begin with the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/wordpress.org\/documentation\/article\/new_to_wordpress_-_where_to_start\/\">New To WordPress &#8211; Where to Start<\/a><\/li><li><a href=\"https:\/\/wordpress.org\/documentation\/article\/first-steps-with-wordpress\/\">First Steps With WordPress<\/a> or <a href=\"https:\/\/wordpress.org\/documentation\/article\/upgrading-wordpress-extended-instructions\/\">Upgrading WordPress Extended<\/a><\/li><li><a href=\"https:\/\/wordpress.org\/documentation\/article\/wordpress-lessons\/\">WordPress Lessons<\/a><\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Summary<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">From the&nbsp;<a href=\"https:\/\/wordpress.org\/news\/2017\/01\/wordpress-4-7-1-security-and-maintenance-release\/\">WordPress 4.7.1 release post<\/a>: WordPress versions 4.7 and earlier are affected by seven security issues:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Remote code execution (RCE) in PHPMailer \u2013&nbsp;<em>No specific issue appears to affect WordPress<\/em>&nbsp;or any of the major plugins we investigated but, out of an abundance of caution, we updated PHPMailer in this release. This issue was reported to PHPMailer by&nbsp;<a href=\"https:\/\/legalhackers.com\/\">Dawid Golunski<\/a>&nbsp;and&nbsp;<a href=\"https:\/\/twitter.com\/Zenexer\">Paul Buonopane<\/a>.<\/li><li>Cross-site scripting (XSS) via the plugin name or version header on&nbsp;<code>update-core.php<\/code>. Reported by&nbsp;<a href=\"https:\/\/dominikschilling.de\/\">Dominik Schilling<\/a>&nbsp;of the WordPress Security Team.<\/li><li>Cross-site request forgery (CSRF) bypass via uploading a Flash file. Reported by&nbsp;<a href=\"https:\/\/twitter.com\/Abdulahhusam\">Abdullah Hussam<\/a>.<\/li><li>Cross-site scripting (XSS) via theme name fallback. Reported by&nbsp;<a href=\"https:\/\/pentest.blog\/\">Mehmet Ince<\/a>.<\/li><li>Post via email checks&nbsp;<code>mail.example.com<\/code>&nbsp;if default settings aren\u2019t changed. Reported by John Blackbourn of the WordPress Security Team.<\/li><li>A cross-site request forgery (CSRF) was discovered in the accessibility mode of widget editing. Reported by&nbsp;<a href=\"https:\/\/dk.linkedin.com\/in\/ronni-skansing-36143b65\">Ronnie Skansing<\/a>.<\/li><li>Weak cryptographic security for multisite activation key. Reported by&nbsp;<a href=\"https:\/\/itsjack.cc\/\">Jack<\/a>.<\/li><\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">List of Files Revised<\/h2>\n\n\n\n<pre class=\"wp-block-preformatted\">wp-includes\/class-wp-theme.php\nwp-includes\/functions.php\nwp-includes\/ms-functions.php\nwp-includes\/class-smtp.php\nwp-includes\/class-phpmailer.php\nwp-includes\/version.php\nwp-mail.php\nreadme.html\nlicense.txt\nwp-admin\/widgets.php\nwp-admin\/update-core.php\nwp-admin\/includes\/media.php\nwp-admin\/includes\/class-wp-screen.php\nwp-admin\/about.php<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>On 11 Jan, 2017, WordPress 4.5.5 was released to the public. Installation\/Update Information To download WordPress 4.5.5, update automatically from the Dashboard &gt; Updates menu in your site&#8217;s admin area or visit&nbsp;https:\/\/wordpress.org\/download\/release-archive\/. For step-by-step instructions on installing and updating WordPress: Updating WordPress If you are new to WordPress, we recommend that you begin with the [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"menu_order":0,"template":"","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false},"helphub_major_release":[],"class_list":["post-11098468","helphub_version","type-helphub_version","status-publish","hentry"],"revision_note":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/documentation\/wp-json\/wp\/v2\/wordpress-versions\/11098468","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/documentation\/wp-json\/wp\/v2\/wordpress-versions"}],"about":[{"href":"https:\/\/wordpress.org\/documentation\/wp-json\/wp\/v2\/types\/helphub_version"}],"version-history":[{"count":0,"href":"https:\/\/wordpress.org\/documentation\/wp-json\/wp\/v2\/wordpress-versions\/11098468\/revisions"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/documentation\/wp-json\/wp\/v2\/media?parent=11098468"}],"wp:term":[{"taxonomy":"helphub_major_release","embeddable":true,"href":"https:\/\/wordpress.org\/documentation\/wp-json\/wp\/v2\/helphub_major_release?post=11098468"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}