WordPress 4.7.3 has just been released. The third in a series of recent security releases by WordPress to fix the core.
This new 4.7.3 core release fixes three Cross Site Scripting vulnerabilities:
- Cross-site scripting (XSS) via media file metadata.
- Cross-site scripting (XSS) via video URL in YouTube embeds.
- Cross-site scripting (XSS) via taxonomy term names.
It also fixes additional security issues and 39 maintenance fixes to fix a range of non-security related issues.
So what should you do?
Go into your WordPress Dashboard, click on ‘Updates’ and make sure that you have the latest version of WordPress. You should see a message like this.
If you do not have the latest version, I strongly recommend that you update to the latest version of WordPress. As always before updating your website ensure you have a backup of your website.
All clients who are under our Website Maintenance Protection plan have all been updated to the latest version of WordPress. So naturally no action is needed on your part.
Have a question?
If you have any questions please do contact me.