Wordpress has announced a critial update for all existing installations.
With this critical update, WordPress will be upgraded to version 4.7.3
According to official announcement from WordPress.org, this is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.7.2 and earlier are affected by six security issues:
- Cross-site scripting (XSS) via media file metadata.
- Control characters can trick redirect URL validation.
- Unintended files can be deleted by administrators using the plugin deletion functionality.
- Cross-site scripting (XSS) via video URL in YouTube embeds.
- Cross-site scripting (XSS) via taxonomy term names.
- Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.
In addition to the security issues above, WordPress 4.7.3 contains 39 maintenance fixes to the 4.7 release series.
How to upgrade WordPress?
In order to upgrade your WordPress, please login to admin dashboard of your WordPress installation -> Updates
There you will view an option to check updates for your WordPress installation.
If your WordPress is not configured to automatically update, you will see the new version for WordPress i.e 4.7.3 available for upgrade. Kindly upgrade your wordpress to the new version.
If your existing i.e installed themes or plugins need any upgrade, kindly upgrade them to keep your wordpress website secure and optimized.
Signup with our managed WordPress hosting plans and have your wordpress website upgraded automatically :