WordPress 4.6.1 Security Release

WordPress version 4.6.1 was released today which was a security release.  We have already updated all customers to this new version.  Below you can find the details of this release.

WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the WordPress security team.