WordPress 4.5.3 was released on June 18. It contains 17 bug-fixes and security related fixes.
The update fixes: two different XSS problems via attachment names, oEmbed denial of service, unauthorized category removal from a post and password change via stolen cookie.
The following bugs have been fixed:
- Image height calculation not always available on body.load
- Saving post can remove its hierarchical terms if user cannot assign terms
- Default image size medium_large is not generated
- Browse Media doesn’t work on front-end
- POST[’nav-menu-data›] breaks other POST
- Inline linking inserts `_wp_link_placeholder`
- WP_Customize_Widgets::preview_sidebars_widgets() can return false
- Silence ini_set() in wp_debug_mode() if WP_DEBUG is off
- Updating tables to utf8mb4 causes some columns to change type
- Customizer wont load: issue with site-icon control
- oEmbed performance optimisation
- Customizer doesn’t load in IE8
- Invalid argument supplied for foreach() in /wp-includes/theme-compat/embed-content.php
- The Insert into post button in the Edit Image window doesn’t work.
- TinyMCE: inline toolbars don’t adjust position
- Update jQuery migrate to 1.4.1
- Media grid AttachmentsBrowser arrows navigation and restoreFocus()
Don’t forget to keep your WordPress installation up to date and backup before you press the button.
This posting first appeared on the official WordPress website.
