WordPress 4.5.2 Security Release

WordPress 4.5.2 is now available. This is an important security release that includes fixes for critical vulnerabilities and improvements for WordPress 4.5.1 and lower and is recommended for all WordPress users.

As always, Managed WordPress websites will be updated by 1&1 automatically. If you have installed WordPress yourself or use a standard installation from the 1&1 App Center, you can update to 4.5.2 from your WordPress Dashboard.


This release contains important security updates and bug fixes, among other smaller improvements:

  • Fixes for WordPress 4.5.1 and earlier: SOME-vulnerability through Plupload. Plupload is a third-party library used by WordPress for uploading files.
  • Fixes for WordPress 4.2 – WordPress 4.5.1: XSS-vulnerability using specially crafted URIs through MediaElement.js, the third-party library used for media players.