WordPress released a security update 4.5.2, on May six two thousand sixteen. This is an update for all previous versions of WordPress. This update includes two major security fixes.
Versions of WordPress up to and including 4.5.1 are susceptible to a third party Plupload security vulnerability. This third party library affects file uploads in WordPress. Another third party libary MediaElements.js affects WordPress’s media player.
This affects WordPress versions 4.2 through 4.5.1. Both these issues were reported by a thirdy party website Cure53.de. Finally, there is a security flaw in ImageMagick that could allow users to perform remote code execution on your server.
You can update your version of WordPress to 4.5.1 by clicking on your “Dashboard” if not already there. Then select “Updates”. Finally click on “Update Now”.
If your WordPress site was configured with automatic background updates, then you should already be updated to 4.5.2. Also, you can download update 4.5.2 directly from WordPress.org archives. Finally, check out this WordPress 4.5.2 update blog post for more details.