WordPress 4.7.3 Security and Maintenance Release – Upgrade NOW

WordPress 4.7.3 is now available. It is the third in a series of recent security releases for WordPress core and we strongly encourage you to upgrade now.

This new 4.7.3 core release fixes three Cross-Site Scripting vulnerabilities:

  • Cross-site scripting (XSS) via media file metadata.
  • Cross-site scripting (XSS) via video URL on YouTube embeds.
  • Cross-site scripting (XSS) via taxonomy term names.

WordPress Security Maintenance Releases
It also fixed the following additional security issues:

  • Control characters can trick redirect URL validation.
  • Unintended files can be deleted by administrators using the plugin deletion functionality.
  • Cross-site request forgery (CSRF) in “Press This” leading to excessive use of server resources.

In addition to the security issues above, it includes 39 maintenance fixes to fix a range of non-security related issues.

These security and maintenance releases should not be taken for granted. If you have not upgraded to version 4.7.3, we highly encourage you to do so right now!

That’s all, enjoy.

Let me know your thoughts in the comment section below.

Disclosure: This page may contains external affiliate links that may result in me receiving a commission if you choose to purchase the product or service at no additional cost to you.

2 Replies to “WordPress 4.7.3 Security and Maintenance Release – Upgrade NOW”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.