WordPress 4.7.5 release

A new version of WordPress was released on 17th May 2017, and is a security release that fixes Six vulnerabilities. It’s recommended that you install this version of WordPress as soon as possible.

Specifically, the vulnerabilities are:

  • Insufficient redirect validation in the HTTP class
  • Improper handling of post metadata values in the XML-RPC API
  • Lack of capability checks for post meta data in the XML-RPC API
  • A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog
  • A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files
  • A cross-site scripting (XSS) vulnerability was discovered related to the Customizer


If you would like assistance with this upgrade, OSD Digital Agency can help.