banner
banner
banner

WordPress 4.7.5: Security and Maintenance Release

219

WordPress has recently rolled out a security release: WordPress 4.7.5. WordPress websites built with all previous versions are affected. Some of the security issues include:

  • Insufficient redirect validation in the HTTP class
  • Improper handling of post meta data values in the XML-RPC API
  • Lack of capability checks for post meta data in the XML-RPC API
  • A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog
  • A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files
  • A cross-site scripting (XSS) vulnerability was discovered related to the Customizer

We strongly encourage all users to log into their sites to check if an update is required. Depending on the existing version of WordPress you have, your WordPress may have been automatically updated. If a manual update is needed, remember to perform a full site backup before updating your site. To update, log into the WordPress dashboard. Hit the “Update Now” button located on the top of the browser. For full details of the release, please visit this article from WordPress.org.

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.

Comments

comments



Related Articles & Comments

Leave a Comment

Your email address will not be published. Required fields are marked *

Popular tags

custom-background custom-header custom-menu featured-images free responsive theme free WordPress plugin free WordPress theme full-width-template one-column responsive-layout responsive theme right sidebar sticky-post theme-options threaded-comments translation-ready two columns White WordPress plugin WordPress theme