Skip to Main Content

QUICK HIT: Security (and Maintenance) Release for WordPress

Posted on 3.13.2017
Open-source content management system WordPress released an urgent security update last week for versions 4.7.2 and earlier and is strongly encouraging users to update immediately. 

The new version (4.7.3) contains fixes to numerous security flaws that allowed for cross-site-scripting (XSS) via media file metadata (as well as video URLs in YouTube embed and taxonomy terms names) and other issues including unintended files which could be deleted by administrators using the plugin deletion functionality and control characters tricking redirect URL validation. There are also some 40 maintenance fixes to this update.

Websites that use the support automatic update feature should already be receiving the recent update but those using manual updates should consider updating to 4.7.3 now.
wordpresslogo_400x400

Leave Your Comment

Login to Comment

Become a Member

Not already a part of our community?
Sign up to participate in the discussion. It's free and quick.

Sign Up

 

Leave a comment
    Load more comments
    New code
  •    
      

    The Ultimate Guide to Personalization

    Kibo