WordPress has just published a security and maintenance release to their software. All WordPress websites should be upgraded since a cross-site scripting vulnerability was found.
WordPress 4.6.1 Security and Maintenance Release (wordpress.org)
WordPress 4.6.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the WordPress security team.
Thank you to the reporters for practicing responsible disclosure.
In addition to the security issues above, WordPress 4.6.1 fixes 15 bugs from 4.6. For more information, see the release notes or consult the list of changes.
The previous version of WordPress was 4.6 released on August 16, 2016.
Our Website Maintenance Department will be in contact with you regarding these upgrades. Clients that have signed up for our Automatic WordPress Update Program or Website Care program will get their website updated in the next week or so or if a follow-up version of WordPress is released.
View the complete list of WordPress versions here.
Read more about why WordPress updates are important.
What is the "Website Care" Program?
If you haven't heard about our Website Care program, then you're missing out on savings and peace of mind!
There are different levels to choose from but with each level, you get your installation of WordPress checked weekly for updates to the core software, plugins and themes. The benefit is that your website software is kept up to date. This work is done by hand and we test your website after the upgrade to make sure everything works like it should.
The program is either by monthly subscription or you can save 10% and pay for a year in advance. When you use this program you save about 40% on updating WordPress. It's kind of a no-brainer!
Sleep better knowing that your website is being taken care of when you enroll in our Website Care program today!
-Webstix Support