On the evening of October 14, 2019, the updated version was released to the public WordPress 5.2.4.
To update to WordPress version 5.2.4, you can do it automatically from the path Dashboard > Updates menu, ή επισκεφτείτε την address https://wordpress.org/download/release-archive/ to download the new version.
From the announcement of the WordPress 5.2.4 release we see that all versions of 5.2 had the following bugs, which were fixed in 5.2.4.
Software updates are also available for versions 5.1 or 3.7 for anyone not using the 5.2 version.
Vulnerabilities that the new version fixes:
Evan Ricafort discovered one problem XSS (cross-site scripting) that could work in the Customizer.
JD Grimes discovered and mentioned a method that can be seen in unauthenticated posts.
Weston Ruter found an XSS with Javascript injected into style tags
David Newman discovered a method for poisoning the cache of JSON GET requests via the Vary: Origin header.
Eugene Kolodenker found a server-side request forgery
Ben Bidner from WordPress Security Team discovered issues with admin's referrer validation.
Those of you who want to upgrade manually, the files that were changed with the update are:
/wp-includes/class-wp.php /wp-includes/class-wp-query.php /wp-includes/functions.php /wp-includes/http.php /wp-includes/pluggable.php / wp-includes /rest-api.php
