WordPress 4.7.2 Security Update

WordPress Version 4.7.2 was published on January 26 and contains three important security fixes.

The security issues were:

1. The user interface for assigning taxonomy terms was shown to users without the permission to use it in Press-This.
2. WP_Query was vulnerable to a SQL injection when passing unsafe data. The update prevents plugins to accidently crate security issues which effect the WordPress core.
3. A cross-site scripting (XSS) vulnerability was discovered in the posts list table.

A official list can be found here.

Remember to backup and install security related updates fast.