WordPress Security Vulnerabilities Found – Update to WordPress v4.7.2 Now
by Next Century
If you have not already updated your WordPress websites to WordPress 4.7.2, you need to do so immediately.
While three security vulnerabilities were disclosed in the original WordPress 4.7.2 security release post last week, a disclosure of additional security fix in WordPress 4.7.2 was announced yesterday.
In this security disclosure, an Unauthenticated Privilege Escalation Vulnerability in a REST API Endpointvulnerability was disclosed to exist in WordPress 4.7 and 4.7.1. This vulnerability allows attackers to bypass standard WordPress security measures in order to change content. Because of the significance of this vulnerability, we strongly recommend you update your WordPress websites to WordPress 4.7.2 as quickly as possible.
Updating to WordPress 4.7.2
While WordPress 4.7.2 was released as an auto update, confirm your site have been updated successfully. You’ll find the WordPress 4.7.2 update available from your WordPress dashboard.
Visit the Updates page by clicking the icon in the top navigation bar. As always, it’s a good idea to run a WordPress backup (Backup Buddy) before updating.
August 1, 2017