| Security and Maintenance Update for WordPress | WordPress 4.7.5 Release |
| Who will be effected? | All customers using WordPress 4.7.4 or earlier |
The latest WordPress release (version 4.7.5) includes security and maintenance fixes that address the following issues:
- Insufficient redirect validation in the HTTP class
- Improper handling of post meta data values in the XML-RPC API
- Lack of capability checks for post meta data in the XML-RPC API
- A Cross Site Request Forgery (CRSF) vulnerability in the file system credentials dialog
- A cross-site scripting (XSS) vulnerability uploading very large files
- A cross-site scripting (XSS) vulnerability when using the Customizer
WordPress 4.7.5 also includes 3 maintenance fixes for the 4.7 releases. You can download the update
here. For the official release announcement, please see this
article on the WordPress.org website.
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!