|Issue:||WordPress has released an update that addresses security vulnerabilities. We are urging all WordPress users to update to the latest version (4.7.2).|
|Status:||WordPress 4.7.2 is available|
|Who should upgrade?||All users of WordPrss 4.71 and below|
|Download link||WordPress.org Home Page|
WordPress has released version 4.7.2. This is a SECURITY and maintenance release. This release addresses three main security issues:
- The user interface for assigning taxonomy terms in Press This – users without permission are seeing it
- SQL injection in the WP_Query table – The wp_query table is vulnerable when passing unsafe data.
- Cross-site scripting (XSS) – vulnerability was discovered in the posts list table
For more specific information concerning the security fixes, please go to WordPress 4.7.2 Security Release page.