Security Release – WordPress 4.7.2


A new version of WordPress has been released comprised of 3 security fixes. Users are advised to update to WordPress version 4.7.2 immediately.


WordPress 4.7.2

WordPress versions 4.7.1 and earlier are affected by three security issues.

Security Issues

  1. The UI for assigning taxonomy terms is viewable to users who should not have permission to use it.
  2. WP_Query is vulnerable to an SQL Inject attack.
  3. Cross-site Scripting vulnerabilities are present in the posts list table.

We advise all WordPress users to update to 4.7.2 immediately to prevent the risk of a site compromise.

Updating WordPress is as simple as navigating to DashboardUpdates and clicking Update Now or alternatively by downloading directly.
Your website may be up to date if your site supports automatic background updates, so in cases there may be no need to manually update.

As always, our thanks goes to the great community members acting out responsible disclosure, and the amazing WordPress development team for their quick patching.
Don’t delay, upgrade today!


Rate this post 1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

This entry was posted in General, WordPress and tagged . Bookmark the permalink.

Leave a Reply

Please DO NOT use this form to submit support requests, all information submitted will be PUBLICLY VISIBLE.

Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.