On 21 June, 2016, WordPress 4.5.3 was released to the public.
To download WordPress 4.5.3, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.
For step-by-step instructions on installing and updating WordPress:
If you are new to WordPress, we recommend that you begin with the following:
- New To WordPress – Where to Start
- First Steps With WordPress or Upgrading WordPress Extended
- WordPress Lessons
From the WordPress 4.5.3 release notes, WordPress versions 4.5.2 and earlier are affected by several security issues: redirect bypass in the customizer, reported by Yassine Aboukir; two different XSS problems via attachment names, reported by Jouko Pynnönen and Divyesh Prajapati; revision history information disclosure, reported independently by John Blackbourn from the WordPress security team and by Dan Moen; oEmbed denial of service reported by Jennifer Dodd from Automattic; unauthorized category removal from a post, reported by David Herrera from Alley Interactive; password change via stolen cookie, reported by Michael Adams from the WordPress security team; and some less secure sanitize_file_name edge cases reported by Peter Westwood of the WordPress security team.
WordPress 4.5.3 also fixes 17 bugs from 4.5, 4.5.1 and 4.5.2:
- #35657 Image height calculation not always available on body.load
- #36379 Saving post can remove its hierarchical terms if user cannot assign terms
- #36531 Default image size medium_large is not generated
- #36533 Browse Media doesn’t work on front-end
- #36590 POST[‘nav-menu-data’] breaks other POST
- #36637 Inline linking inserts `_wp_link_placeholder`
- #36660 WP_Customize_Widgets::preview_sidebars_widgets() can return false
- #36708 Silence ini_set() in wp_debug_mode() if WP_DEBUG is off
- #36748 Updating tables to utf8mb4 causes some columns to change type
- #36749 Customizer wont load: issue with site-icon control
- #36767 oEmbed performance optimisation
- #36793 Customizer doesn’t load in IE8
- #36838 Invalid argument supplied for foreach() in /wp-includes/theme-compat/embed-content.php
- #36861 The Insert into post button in the Edit Image window doesn’t work.
- #36876 TinyMCE: inline toolbars don’t adjust position
- #36892 Update jQuery migrate to 1.4.1
- #36900 Media grid AttachmentsBrowser arrows navigation and restoreFocus()
List of Files Revised
readme.html wp-admin/about.php wp-admin/nav-menus.php wp-admin/includes/ajax-actions.php wp-admin/includes/upgrade.php wp-admin/includes/post.php wp-admin/includes/class-wp-media-list-table.php wp-admin/options.php wp-admin/revision.php wp-includes/load.php wp-includes/default-filters.php wp-includes/theme-compat/embed-content.php wp-includes/embed.php wp-includes/class-wp-customize-manager.php wp-includes/js/media-views.js wp-includes/js/tinymce/wp-tinymce.js.gz wp-includes/js/tinymce/plugins/wordpress/plugin.js wp-includes/js/tinymce/plugins/wordpress/plugin.min.js wp-includes/js/tinymce/plugins/wplink/plugin.js wp-includes/js/tinymce/plugins/wplink/plugin.min.js wp-includes/js/media-views.min.js wp-includes/js/jquery/jquery-migrate.js wp-includes/js/jquery/jquery.js wp-includes/js/jquery/jquery-migrate.min.js wp-includes/class-oembed.php wp-includes/version.php wp-includes/customize/class-wp-customize-media-control.php wp-includes/customize/class-wp-customize-site-icon-control.php wp-includes/pluggable.php wp-includes/script-loader.php wp-includes/formatting.php wp-includes/class-wp-customize-widgets.php wp-includes/post-template.php