The core team at WordPress has released another quick update to 4.5 Coleman, with 4.5.2, a security update which patches security holes from the last update. The first security hole is a SOME (Same-Origine Method Execution) vulnerability in Plupload, the third-party method WordPress uses to upload media files. The second involves a cross-site-scripting vulnerability inside MediaElement.js and the third is a separate third-party library WordPress uses for media players.
READ MORE // WordPress 4.4.2 Released To Fix Security Issues
Auto Updates have already rolled out to sites, but if you don’t have automatic updates enabled (and you should!), head to:
Dashboard > Updates > Update Now
In addition to the update, the core team at WordPress has published a post concerning the multiple vulnerabilities discovered in ImageMagick, a popular image processing script used on thousands of webhosting servers. The post describes how WordPress is affected and what the team is doing to mitigate issues.