WordPress 4.7.5 release
A new version of WordPress was released on 17th May 2017, and is a security release that fixes Six vulnerabilities. It’s recommended that you install this version of WordPress as soon as possible.
Specifically, the vulnerabilities are:
- Insufficient redirect validation in the HTTP class
- Improper handling of post metadata values in the XML-RPC API
- Lack of capability checks for post meta data in the XML-RPC API
- A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog
- A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files
- A cross-site scripting (XSS) vulnerability was discovered related to the Customizer
If you would like assistance with this upgrade, OSD Digital Agency can help.