WordPress 4.9.2 Security and Maintenance Release
ほい、アップデートと!クロスサイトスクリプティングの脆弱性がMediaElementで存在らしい
An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress. MediaElement has released a new version that contains a fix for the bug, and a WordPress plugin containing the fixed files is available in the plugin repository.
WordPress 4.9.2 Security and Maintenance Release