• Skip to primary navigation
  • Skip to main content
  • Skip to footer
WPSecurityLock – Malware removal & WordPress security services

WPSecurityLock – Malware removal & WordPress security services

WordPress security, malware removal, repair, backups, ongoing maintenance, installation, site migration & support services – WP Security Lock.

  • Facebook
  • LinkedIn
  • Twitter
  • Home
  • About
    • About Us
    • Speaker Information
    • Contact Us by Phone, Email or Live Chat
    • Testimonials
  • Security Services
    • Malware / Virus Removal
    • WordPress Security and Installation Services
    • Monthly Security Packages
    • SSL Conversion Service (HTTP to HTTPS)
  • Blog
  • Resources
  • Contact
  • SafeWP

WordPress 3.1.2 Update – Critical WordPress Security & Maintenance Release

April 26, 2011 By Regina Smola 11 Comments

WordPress 3.1.2 Upgrade Security ReleaseWordPress version 3.1.2 has been released to the public as of April 26, 2011.

This important maintenance and security release fixed a vulnerability that allowed Contributor-level users to improperly publish posts.

This issue was discovered by a member of their security team, WordPress developer Andrew Nacin and Benjamin Balter.

According to WordPress.org:

We suggest you update to 3.1.2 promptly, especially if you allow users to register as contributors or if you have untrusted users. This release also fixes a few bugs that missed the boat for version 3.1.1.

Some other bug fixes were found in WordPress 3.1.1 and have been fixed with this new release, 3.1.2 including:

  • Fixed user queries ordered by post count
  • Fixed multiple tag quires bug
  • Prevents over-escaping of post titles when using Quick Edit for pages.

Files Revised in WordPress 3.1.2:

  • readme.html
  • wp-admin/press-this.php
  • wp-admin/includes/class-wp-posts-list-table.php
  • wp-admin/includes/update-core.php
  • wp-includes/post-template.php
  • wp-includes/query.php
  • wp-includes/user.php
  • wp-includes/version.php

WordPress & Security Resources:

  • WordPress News: 3.1.2 Security Hardening Update
  • WordPress Codex: Version 3.1.2
  • WordPress Trac: 3.1.2 Bug Fixes
  • Download WordPress 3.1.2
  • WordPress Codex – Updating WordPress

Important!

If you're self-hosting WordPress on your own domain, it is important that you upgrade to WordPress 3.1.2 as soon as possible.

Leave your feedback

Have you upgraded to WordPress 3.1.2? Did you upgrade WordPress automatically through the Dashboard or manually? Do you have any WordPress plugin issues with WP version 3.1.2? If you noticed any glitches in the upgrade or conflicts with any plugins be sure to let us know. Leave your comment below.

Securely yours,

Regina Smola
WordPress Security Expert
Follow me on Twitter
Follow WPSecurityLock on Twitter
Become a Facebook Fan

Filed Under: WordPress Security Tips Tagged With: update wordpress, upgrade wordpress, WordPress, WordPress 3.1.2, wordpress security

Reader Interactions

Comments

  1. Angela Brooks says

    April 26, 2011 at 8:07 pm

    Thank you for sharing this update

    Reply
    • Regina Smola says

      April 27, 2011 at 7:51 am

      Hey Angela,

      You’re welcome. Thanks for posting your comment.

      Regina

      Reply
  2. Paul B. Taubman, II says

    April 26, 2011 at 10:51 pm

    Thanks! You always explain the updates better then WordPress themselves! Thanks again!

    Reply
    • Regina Smola says

      April 27, 2011 at 7:49 am

      Hi Paul,

      Thanks so much for your kind words. I do my best.

      ~ Regina

      Reply
  3. Kimberly Castleberry says

    April 27, 2011 at 7:22 am

    Four blogs upgraded this morning, three of them on Thesis, no issues in the upgrade routine.
    Kimberly

    Reply
    • Regina Smola says

      April 27, 2011 at 7:50 am

      Hi Kimberly,

      Woohooo! Glad you got them all upgraded without a problem. Mine went smoothly as well. The only issue I have is the TinyMCE Advanced plugin after I upgraded to 3.1. Firefox doesn’t seem to like it when adding links or images. IE seems to be fine.

      Thanks for your comment,

      Regina

      Reply
  4. Bianca Rossi says

    April 27, 2011 at 11:08 am

    I smoothly upgraded from the dashboard, however I seem to have a problem with widgets (possibly a theme issue though); when I drag a text widget, I need to save it before it opens and allows me to write and then save back again….

    Reply
    • Regina Smola says

      April 27, 2011 at 1:25 pm

      Hi Bianca,

      Thanks for your comment. Hmmm I’ll have to see if mine does that too. Thanks for letting us know.

      ~ Regina Smola

      Reply
  5. Lilia Lee says

    May 3, 2011 at 2:50 am

    Thank you. Your blog is s helpful. I am recommending it to others.

    Reply
    • Regina Smola says

      May 3, 2011 at 3:58 pm

      Awesome Lilia! I appreciate that. Be sure to join my affiliate program so I can pay you commissions as a thank you for promoting me.

      Reply
  6. steve says

    May 4, 2011 at 3:50 pm

    I am very impressed with your wealth of knowledge. Keep up the great work.
    Here’s a story that has no ending yet:
    I recently did a google search of my site and found a “this site may be compromised” message from google.
    I have no experience with web security and just took a look at the site in my browser. No change, all is well.
    Then started investigating what I should do and came across your blog. After reading your blog I took down the site and tried to wrap my head around what I am about to embark upon. I think I did a proper backup when the site went up. Today I checked google again to see if the flag was still there and to my suprise it’s gone since I removed the site (I put up an under construction message as per your advice). When I looked at a cached page of the site (no clue why I did that) I found hundereds of spam links at the bottom of the page.
    If you google teen tour theatre you can see it yourself.
    I am about to restore what I hope is a fairly complete snapshot of the site.
    What specific passwords should I be changing? And how do the bad guys get past the random passwords? Thx.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Let’s work together:

Get in touch with us and send some basic info about your project. Don't be shy, we can help with just about anything.

Contact Us!

Footer

  • Facebook
  • LinkedIn
  • Twitter

Contact

Call 815-600-7270
Contact
Mo,Tu,We,Th,Fr 9:00 am – 5:00 pm

Get WordPress Help Now

Chat With Us!
Submit A Support Ticket

Copyright © 2025 | WP Security Lock, Inc