One of the major reasons behind the insane popularity of the WordPress content management system are the core updates that are released on regular basis. Most of the time, these updates are related to security patches, backend or frontend codes and WordPress core. It will be good if you quickly install all these official updates as it will help in making your WP-based website stable, secure and functional.
On 6th March 2017, WordPress released v4.7.3 which comes loaded with some major security issues and it is recommended to update your WP sites immediately. In case, you don’t have to time for this task, you can hire WordPress developer who will help you update your WordPress core. The latest version of WordPress has eliminated six security problems which were detected in v4.7.2. Although, WordPress has officially rolled out the update but it will take some time to reach out to the users spread across the globe.
Given below are six security issues that earlier affected the functioning of WordPress v4.7.2:
- Control Characters which tricked the redirection of URL validation.
- Cross-site scripting (XSS) via video URL in YouTube embeds.
- The cross-site scripting (XSS) done via taxonomy term names.
- Unintended files which can be removed by administrators with the help of plugin deletion functionality.
- Cross-site scripting (XSS) via media file metadata.
- Cross-site Request Forgery (CSRF) which lead to the excessive use of server resources.
In addition to the above-mentioned security problems, the WordPress 4.7.3 contains approx 39 maintenance fixes to the whole v4.7 release series. For further information about the complete list of changes, you can refer to the official release notes provided by the WordPress.
So if you wish to manually download and install the WordPress 4.7.3, all you need to do is to venture over the WP Dashboard -> Updates and click on the “Update Now” button. In case, your website supports automatic background updates, then your portal will automatically upgrade to the WordPress 4.7.3.