Network Security, Patch/Configuration Management, Vulnerability Management

WordPress 4.5.3 release mends eight security flaws, 17 bugs

WordPress has released version 4.5.3 of its content management system, fixing eight security vulnerabilities that surfaced in previous versions, as well as 17 other bugs.

In its latest online maintenance and security release, WordPress described the eight security holes as follows: a redirect bypass in the customizer, two cross-site scripting problems via attachment names, a revision history information disclosure issue, an oEmbed denial of service flaw, the unauthorized category removal from a post, password changes via stolen cookies and insufficiently secure “sanitize_file_name” edge cases.

WordPress has recommended that its users update their websites immediately with the new version. Sites that support automatic background updates have already begun updating to 4.5.3.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.