Automattic developers have just released the new WordPress 4.5.3 update. It is a security update and fix 17 bugs.
Let's look at some of the release notes:
WordPress version 4.5.2 and all previous ones are affected by various issues ασφάλειας: παρακάμψεις στο redirect in customization, reported by Yassine Aboukir, two different XSS issues via attachment names reported by Jouko Pynnönen and Divyesh Prajapati revision history reveals information, independently reported by John Blackbourn, from the WordPress security team, and by Dan Moen.
A denial of service issue via oEmbed reported by Jennifer Dodd and Automattic, unauthorized category removal from a post, reported by David Herrera of Alley Interactive, password change via stolen cookies, reported by Michael Adams of the thw WordPress security team, and some smaller vulnerabilities such as sanitize_file_name reported by Peter Westwood of the WordPress security team.
More at the following link:
The files that were changed with the update in WordPress 4.5.3 are the following:
readme.html wp-admin/about.php wp-admin/nav-menus.php wp-admin/includes/ajax-actions.php wp-admin/includes/upgrade.php wp-admin/includes/post.php wp- admin/includes/class-wp-media-list-table.php wp-admin/options.php wp-admin/revision.php wp-includes/load.php wp-includes/default-filters.php wp-includes/theme -compat/embed-content.php wp-includes/embed.php wp-includes/class-wp-customize-manager.php wp-includes/js/media-views.js wp-includes/js/tinymce/wp-tinymce .js.gz wp-includes/js/tinymce/plugins/wordpress/plugin.js wp-includes/js/tinymce/plugins/wordpress/plugin.min.js wp-includes/js/tinymce/plugins/wplink/plugin. js wp-includes/js/tinymce/plugins/wplink/plugin.min.js wp-includes/js/media-views.min.js wp-includes/js/jquery/jquery-migrate.js wp-includes/js/ jquery/jquery.js wp-includes/js/jquery/jquery-migrate.min.js wp-includes/class-oembed.php wp-includes/version.php wp-includes/customize/class-wp-customize-media- control.php wp-includes/customize/class-wp-customize-site-icon-control.php wp-includes/pluggable.php wp-includes/script-loader.php wp-includes/formatting.php wp-includes/class-wp-customize-widgets.php wp-includes/post-template.php