Craig Small <csmall-8fiUuRrzOP0dnm+yROfE0A< at >public.gmane.org> uploaded new packages for wordpress which fixed the following securty problems: CVE-2016-4566 Reflected XSS in PLupload and mediaelement For the jessie-backports distribution the problems have been fixed in version 4.5.2+dfsg-1~bpo8+1