A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs.