WordPress 4.7.2 Security Update

·

·

WordPress Version 4.7.2 was published on January 26 and contains three important security fixes.

The security issues were:

  1. The user interface for assigning taxonomy terms was shown to users without the permission to use it in Press-This.
  2. WP_Query was vulnerable to a SQL injection when passing unsafe data. The update prevents plugins to accidently crate security issues which effect the WordPress core.
  3. A cross-site scripting (XSS) vulnerability was discovered in the posts list table.

A official list can be found here.

Remember to backup and install security related updates fast.