WordPress 4.5.2 patches security vulnerabilities

Over the weekend the WordPress COE team released version 4.5.2 of the popular content management system fixing 2 security vulnerabilities found in third party libraries used within WordPress.

The first is a Same-Origin Method Execution in Plupload, the third party library WordPress uses to handle file uploads. The second is a reflected cross-site-scripting vulnerability in MediaElement.js, the third-party library used for media players.

WordPress’s new automatic update feature will apply this update to your site over the next week as the release is marked medium risk but if you can’t wait you can manually apply the update from within WordPress under Dashboard > Updates.

All PinkMac WordPress customers with managed hosting have nothing to worry about as we have applied the updates on your websites.