Latest WordPress Security Release 4.7.3 fixes six different security vulnerabilities
WordPress 4.7.3 was released just a few hours ago. This is the third major security update for WordPress Core to take place this year.
Today’s security update fixes six security vulnerabilities and 39 maintenance fixes for a range of issues.
Specifically, WordPress 4.7.3 fixes three Cross Site Scripting vulnerabilities. Cross Site Scripting vulnerabilities (XSS) are the most common security vulnerabilities in WordPress. It is a type of security vulnerability commonly found in web applications. They enable an attacker to inject client-side scripts into web pages viewed by other users and may be used to bypass access controls.
The three cross site scripting vulnerabilities fixed in WordPress 4.7.3 include:
- Cross-site scripting via media file metadata
- Cross-site scripting via video URL in Youtube embeds
- Cross-site scripting via taxonomy term names
Additional security issues include:
- Cross-site request forgery in “Press This” leading to excessive use of resources
- Control characters that can trick redirect URL validation
- Unintended files can be deleted by administrators
Apparently the issue is severe enough that the Department of Homeland Security issued an advisory to website administrators through the National Cyber Awareness System.
I strongly recommend that you upgrade to WordPress 4.7.3 if you are a WordPress user. It fixes six different security vulnerabilities.
If not, you are likely to see attacks targeted at these vulnerabilities in the coming days.
We can help you protect your WordPress website through our WordPress maintenance service. We can also help with:
Content Marketing for Local Business
Digital Marketing for Local Business
Sales Funnels for Local Business
Good ranking of https://24online-casino-affiliate-programs.com/ casino and sports betting affiliate programs, Super affiliate programs only with us, review, rating
aviator