A security release was issued by WordPress. We suggest you have this update applied to your WordPress website immediately.
WordPress 4.7.2 Security Release (wordpress.org)
WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.7.1 and earlier are affected by three security issues:
- The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive.
- WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo).
- A cross-site scripting (XSS) vulnerability was discovered in the posts list table. Reported by Ian Dunn of the WordPress Security Team.
The previous version of WordPress was 4.7.1 released on January 12, 2017.
Our Website Maintenance Department will be in contact with you regarding these upgrades. Clients that have signed up for our Automatic WordPress Update Program or Website Care program will get their website updated in the next week or so or if a follow-up version of WordPress is released.
View the complete list of WordPress versions here.
Read more about why WordPress updates are important.
If you haven’t heard about our Website Care program, then you’re missing out on savings and peace of mind!
There are different levels to choose from but with each level, you get your installation of WordPress checked weekly for updates to the core software, plugins and themes. The benefit is that your website software is kept up to date. This work is done by hand and we test your website after the upgrade to make sure everything works like it should.
The program is either by monthly subscription or you can save 10% and pay for a year in advance. When you use this program you save about 40% on updating WordPress. It’s kind of a no-brainer!
Sleep better knowing that your website is being taken care of when you enroll in our Website Care program today!
-Webstix Support
