WordPress has recently rolled out a security release: WordPress 4.7.3. WordPress version 4.7.2 and earlier are affected by a number of security issues:
- cross-site scripting (XSS) via media file metadata
- cross-site scripting (XSS) via YouTube video URL embed
- unintended files being deleted by administrators using plugin deletion functionality
- and more…
We strongly encourage all users to log into their sites to check if an update is required. Depending on the existing version of WordPress you have, your WordPress may have been automatically updated. If a manual update is needed, remember to perform a full site backup before updating your site. To update, log into the WordPress dashboard. Hit the “Update Now” button located on the top of the browser. For full details of the release, please visit this article from WordPress.org.