WordPress 4.7.2 security update

WordPress 4.7.2 was released last Thursday, January 26th.

WordPress have just announced that In addition to the three security vulnerabilities mentioned in the original release post, WordPress 4.7 and 4.7.1 had one additional vulnerability for which disclosure was delayed.

The fourth security issue, which is rated severe, was not mentioned because it was so severe that the company deemed it more important to patch against it before it became known. The issue was an Unauthenticated Privilege Escalation Vulnerability in a REST API Endpoint.

Previous versions of WordPress, even with the REST API Plugin, were never vulnerable to this.

If you have not already updated, please do so immediately.

Related Posts

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.