{"id":1000,"date":"2016-05-17T10:48:35","date_gmt":"2016-05-17T09:48:35","guid":{"rendered":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/?p=1000"},"modified":"2016-05-17T10:48:35","modified_gmt":"2016-05-17T09:48:35","slug":"wordpress-4-5-2-security-release","status":"publish","type":"post","link":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wordpress-hosting\/wordpress-4-5-2-security-release","title":{"rendered":"WordPress 4.5.2 Security Release"},"content":{"rendered":"<p>WordPress has released its latest version 4.5.2 as a\u00a0security release\u00a0for all previous versions. We strongly encourage you to update your sites immediately.<\/p>\n<p>This version patches two security vulnerabilities in WordPress versions 4.5.1 and below.<\/p>\n<ul>\n<li>The first is a SOME vulnerability\u00a0(Same-Origin Method Execution) in Plupload, the third-party library WordPress uses for uploading files.<\/li>\n<li>The second is a reflected cross-site-scripting vulnerability in MediaElement.js, the third-party library used for media players. MediaElement.js and Plupload have also released updates fixing these issues.<\/li>\n<\/ul>\n<p>Mario Heiderich, Masato Kinugawa and Filedescriptor of\u00a0Cure53\u00a0are credited with responsibly disclosing\u00a0the vulnerabilities.<\/p>\n<p>Auto updates are rolling out to sites but if you don\u2019t want to wait, browse to Dashboard &gt; Updates and click the Update Now button.<\/p>\n<p>Moreover, the core team has\u00a0<a href=\"https:\/\/make.wordpress.org\/core\/2016\/05\/06\/imagemagick-vulnerability-information\/\">published a post<\/a>\u00a0concerning the\u00a0multiple vulnerabilities\u00a0discovered in ImageMagick, a popular image processing script used on thousands of webhosting servers. The post describes how WordPress is affected and what the team is doing to mitigate issues.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>WordPress has released its latest version 4.5.2 as a\u00a0security release\u00a0for all previous versions. We strongly encourage you to update your sites immediately. This version patches two security vulnerabilities in WordPress versions 4.5.1 and below. The first is a SOME vulnerability\u00a0(Same-Origin Method Execution) in Plupload, the third-party library WordPress uses for uploading files. The second is [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[97],"tags":[133,15,161],"_links":{"self":[{"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1000"}],"collection":[{"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=1000"}],"version-history":[{"count":4,"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1000\/revisions"}],"predecessor-version":[{"id":1004,"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1000\/revisions\/1004"}],"wp:attachment":[{"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=1000"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=1000"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=1000"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}