https://www.us-cert.gov/ncas/current-activity/2020/04/30/wordpress-releases-security-update

WordPress 5.4.1

WordPress 5.4 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.  CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.4.1.