WordPress 4.7.3 Security Update

WordPress 4.7.3 was released on March 6 and contains 39 maintenance fixes and fixes following six security issues:

  1. Cross-site scripting (XSS) via media file metadata.
  2. Control characters can trick redirect URL validation.
  3. Unintended files can be deleted by administrators using the plugin deletion functionality.
  4. Cross-site scripting (XSS) via video URL in YouTube embeds.
  5. Cross-site scripting (XSS) via taxonomy term names.
  6. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.

An official list can be found here.

Remember to backup and install security related updates fast.

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert