Network Security, Patch/Configuration Management, Vulnerability Management

WordPress 4.5.3 release mends eight security flaws, 17 bugs

June 22, 2016

WordPress has released version 4.5.3 of its content management system, fixing eight security vulnerabilities that surfaced in previous versions, as well as 17 other bugs.

In its latest online maintenance and security release, WordPress described the eight security holes as follows: a redirect bypass in the customizer, two cross-site scripting problems via attachment names, a revision history information disclosure issue, an oEmbed denial of service flaw, the unauthorized category removal from a post, password changes via stolen cookies and insufficiently secure “sanitize_file_name” edge cases.

WordPress has recommended that its users update their websites immediately with the new version. Sites that support automatic background updates have already begun updating to 4.5.3.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Learn More

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Network Security

2025 Forecast: AI to supercharge attacks, quantum threats grow, SaaS security woes

Stephen WeigandJanuary 1, 2025

SC Media's 2025 annual roundup of predictions, forecasts and warnings for the year ahead by top cybersecurity experts.

Network Security

Thousands of vulnerable Four-Faith routers threatened by ongoing intrusions

SC StaffDecember 30, 2024

More than 15,000 internet-exposed Four-Faith F3x24 and F3x36 routers could potentially be compromised in ongoing intrusions exploiting the high-severity operating system command injection flaw, tracked as CVE-2024-12856, according to The Hacker News.

(Credit: Rafael Henrique – stock.adobe.com)

Network Security

Palo Alto Networks patches DoS bug in PAN-OS software

Steve ZurierDecember 27, 2024

DoS flaw actively exploited in production. Security pros warn teams to patch right away.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

WordPress 4.5.3 release mends eight security flaws, 17 bugs

An In-Depth Guide to Network Security

Related

2025 Forecast: AI to supercharge attacks, quantum threats grow, SaaS security woes

Thousands of vulnerable Four-Faith routers threatened by ongoing intrusions

Palo Alto Networks patches DoS bug in PAN-OS software

Related Events

Building Modern Network security: Forecast and guidance: Late 2024, early 2025

The Security Experts Next Door: Enterprise Defense on a Lean Budget

Network security: New tools for an aging art

Get daily email updates