Today, WordPress has pushed an all new security release i.e. WordPress 4.7.3 for all the previous versions, and we encourage you to update your website asap. The WordPress 4.7.2 and earlier versions are sufficiently affected by six security issues:
- Control characters can trick redirect URL validation.
- Cross – site scripting (XSS) via media file metadata.
- Cross-site scripting (XSS) via video URL in YouTube embeds.
- Unintended files can be deleted by administrators using the plugin deletion functionality.
- Cross – site scripting (XSS) via taxonomy term names.
- Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.
In addition to above security issues, WordPress 4.7.3 contains 39 maintenance and fixes to 4.7 release notes.
Don’t forget to take a backup before upgrading to 4.7.3. Click Here to Know more about WordPress 4.7.3.
Download WordPress 4.7.3 – Click Here