WordPress Update Resolves XSS, Path Traversal Vulnerabilities
Developers with WordPress are strongly encouraging users of the content management system to update to the most recent version, 4.6.1, released on Wednesday.
Article source: https://threatpost.com/vulnerability-patched-in-wordpress-theme-that-allows-unrestricted-uploads/120698/