Прилетело сегодня обновление.
WordPress 4.5.3 Maintenance and Security Release
Изменения
From the WordPress 4.5.3 release notes, WordPress versions 4.5.2 and earlier are affected by several security issues: redirect bypass in the customizer, reported by Yassine Aboukir; two different XSS problems via attachment names, reported by Jouko Pynnönen and Divyesh Prajapati; revision history information disclosure, reported independently by John Blackbourn from the WordPress security team and by Dan Moen; oEmbed denial of service reported by Jennifer Dodd from Automattic; unauthorized category removal from a post, reported by David Herrera from Alley Interactive; password change via stolen cookie, reported by Michael Adams from the WordPress security team; and some less secure sanitize_file_name edge cases reported by Peter Westwood of the WordPress security team.
WordPress 4.5.3 also fixes 17 bugs from 4.5, 4.5.1 and 4.5.2:
WordPress 4.5.3 Maintenance and Security Release
Изменения
From the WordPress 4.5.3 release notes, WordPress versions 4.5.2 and earlier are affected by several security issues: redirect bypass in the customizer, reported by Yassine Aboukir; two different XSS problems via attachment names, reported by Jouko Pynnönen and Divyesh Prajapati; revision history information disclosure, reported independently by John Blackbourn from the WordPress security team and by Dan Moen; oEmbed denial of service reported by Jennifer Dodd from Automattic; unauthorized category removal from a post, reported by David Herrera from Alley Interactive; password change via stolen cookie, reported by Michael Adams from the WordPress security team; and some less secure sanitize_file_name edge cases reported by Peter Westwood of the WordPress security team.
WordPress 4.5.3 also fixes 17 bugs from 4.5, 4.5.1 and 4.5.2:
- #35657 Image height calculation not always available on body.load
- #36379 Saving post can remove its hierarchical terms if user cannot assign terms
- #36531 Default image size medium_large is not generated
- #36533 Browse Media doesn't work on front-end
- #36590 POST['nav-menu-data'] breaks other POST
- #36637 Inline linking inserts `_wp_link_placeholder`
- #36660 WP_Customize_Widgets:review_sidebars_widgets() can return false
- #36708 Silence ini_set() in wp_debug_mode() if WP_DEBUG is off
- #36748 Updating tables to utf8mb4 causes some columns to change type
- #36749 Customizer wont load: issue with site-icon control
- #36767 oEmbed performance optimisation
- #36793 Customizer doesn't load in IE8
- #36838 Invalid argument supplied for foreach() in /wp-includes/theme-compat/embed-content.php
- #36861 The Insert into post button in the Edit Image window doesn't work.
- #36876 TinyMCE: inline toolbars don't adjust position
- #36892 Update jQuery migrate to 1.4.1
- #36900 Media grid AttachmentsBrowser arrows navigation and restoreFocus()