A zero day vulnerability exists in WordPress Core that in some instances, could allow an attacker to reset a user’s password and in turn, gain access to their account.

WordPress last week updated to version 4.5.3, a security release for all versions of the content management system. The update patches more than two dozen vulnerabilities, including 17 bugs introduced in the last three releases, all published this year. Many of the vulnerabilities can be exploited remotely and allow an attacker to control of a...