Title: Version 4.1.30
Author: Jb Audras
Published: April 29, 2020

---

# Version 4.1.30

## In this article

 * [Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-4.1.30/?output_format=md#installation-update-information)
 * [Summary](https://wordpress.org/documentation/wordpress-version/version-4.1.30/?output_format=md#summary)
 * [List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-4.1.30/?output_format=md#list-of-files-revised)

[ Back to top](https://wordpress.org/documentation/wordpress-version/version-4.1.30/?output_format=md#wp--skip-link--target)

On April 29, 2020, WordPress 4.1.30 was released to the public.

## 󠀁[Installation/Update Information](https://wordpress.org/documentation/wordpress-version/version-4.1.30/?output_format=md#installation-update-information)󠁿

To download WordPress 4.1.30, update automatically from the Dashboard > Updates 
menu in your site’s admin area or visit [https://wordpress.org/download/release-archive/](https://wordpress.org/download/release-archive/).

For step-by-step instructions on installing and updating WordPress:

 *  [Updating WordPress](https://wordpress.org/documentation/article/updating-wordpress/)

If you are new to WordPress, we recommend that you begin with the following:

 *  [New To WordPress – Where to Start](https://wordpress.org/support/article/new_to_wordpress_-_where_to_start/?output_format=md)
 *  [First Steps With WordPress](https://wordpress.org/support/article/first-steps-with-wordpress/?output_format=md)
   or [Upgrading WordPress Extended](https://wordpress.org/documentation/article/upgrading-wordpress-extended-instructions/)
 *  [WordPress Lessons](https://wordpress.org/support/article/wordpress-lessons/?output_format=md)

## 󠀁[Summary](https://wordpress.org/documentation/wordpress-version/version-4.1.30/?output_format=md#summary)󠁿

Six security issues affect WordPress versions 5.4 and earlier; version 5.4.1 fixes
them, so you’ll want to upgrade. If you haven’t yet updated to 5.4, there are also
updated versions of 5.3 and earlier that fix the security issues.

 * Props to [Muaz Bin Abdus Sattar](https://hackerone.com/hijibiji) and [Jannes](https://hackerone.com/dyennez)
   who both independently reported an issue where password reset tokens were not
   properly invalidated
 * Props to [ka1n4t](https://github.com/ka1n4t) for finding an issue where certain
   private posts can be viewed unauthenticated
 * Props to [Evan Ricafort](https://evanricafort.com/) for discovering an XSS issue
   in the Customizer
 * Props to Ben Bidner from the WordPress Security Team who discovered an XSS issue
   in the search block
 * Props to Nick Daugherty from WPVIP.com / WordPress Security Team who discovered
   an XSS issue in wp-object-cache
 * Props to Ronnie Goodrich ([Kahoots](https://hackerone.com/kahoots)) and [Jason Medeiros](http://pentestusa.com/)
   who independently reported an XSS issue in file uploads.

## 󠀁[List of Files Revised](https://wordpress.org/documentation/wordpress-version/version-4.1.30/?output_format=md#list-of-files-revised)󠁿

    ```wp-block-preformatted
    /wp-includes/formatting.php
    /wp-includes/query.php
    /wp-includes/user.php
    ```

First published

April 29, 2020

Last updated