A new version of WordPress has been released comprised of various security and bug fixes. Users are advised to update to WordPress version 4.7.1 immediately.
WordPress 4.7.0 and earlier versions are affected by eight security issues. We advise all WordPress users to update their websites to the latest version to prevent the abuse of these issues.
- Remote Code Execution in the PHPMailer.
- REST API Issues.
- 2 Cross-site Scripting Vulnerabilities.
- 2 Cross-site Request Forgery Vulnerabilities.
- Weak Cryptographic Security on the Multisite Activation Key.
- Post Vulnerability via Email Checks.
Along with these various security patches, 62 bugs from WordPress 4.7 have also been fixed.
For full details on these vulnerabilities and the patches employed, please see the WordPress 4.7.1 release notes.
As always our thanks goes to amazing community members that reported these issues and the WordPress team for employing speedy fixes.
Updating WordPress is as simple as navigating to Dashboard → Updates and clicking “Update Now” or alternatively by downloading directly.
Your website may be up to date if your site supports automatic background updates, so in cases there may be no need to manually update.
Rate this post