WordPress 4.7.5 Security & Maintenance Release – Immediate Update Recommended

Last updated on
Share
Tweet
Share
Email

WordPress 4.7.5 is now available which addresses six different security fixes. It is highly recommended to update immediately. The fixes are as follows:

  1. Insufficient redirect validation in the HTTP class.
  2. Improper handling of post metadata values in the XML-RPC API.
  3. Lack of capability checks for post metadata in the XML-RPC API.
  4. A Cross-Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog.
  5. A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files.
  6. A cross-site scripting (XSS) vulnerability was discovered related to the Customizer.

In addition, WordPress 4.7.5 contains 3 maintenance fixes to the 4.7 release series.

So head over to your Dashboard and make an update immediately. Simply click on the “Update Now” button. You can also, download WordPress 4.7.5 if you want manual updates.

That’s all, enjoy.

Let me know your thoughts in the comment section below.

Share
Tweet
Share
Email
Our Most Popular Post Right Now!
Disclosure: Some of the links on this site are “affiliate links”, which allow me to earn a small referral payment if you choose to purchase the product or service.

2 Responses

  1. very nice and awesome topic
    Thank you so much for this walkthrough. Currently, implemented SSL on one of my sites lately and got no issues.

    Also, if you have activated the Better Search & Replace plugin, it is highly recommended to removed it once you are done using it.

    Thanks again for this awesome article.

    1. Thanks for dropping by, Mohammad.

      Glad you already did. And yes, one should deact/removed it once done. It is not recommended to just leave it there.

      ~Rod

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended Book: WordPress All-in-One For Dummies
Subscribe to Blog via Email
Enter your email address to subscribe to this blog and receive notifications of new posts by email.
This field is for validation purposes and should be left unchanged.

Don’t worry, we hate spam as much as you do.
Do you need help setting up WordPress?
I can help you with blog and site setup, full website build, performance & security, maintenance and support, and many more.
Recommended Web Hosting