All the Visualmodo WordPress Themes were tested and prepared by our developer’s team to works perfectly running WordPress 4.7.2 version. Please make sure you have all the updates for better site usage.
WordPress 4.7.2 is now available. This is a security release for all previous versions, and we strongly encourage you to update your sites immediately.
What’s the change in the new WordPress Version?
Versions 4.7.1 and earlier are showing three security issues:
- Firstly, the user interfaces for assigning taxonomy terms in Press. As a result, users do not have permission to use it. Reported by David Herrera of Alley Interactive.
WP_Queryis vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo).
- A cross-site scripting (XSS) vulnerability was in the posts list table. So, a report by Ian Dunn of the WordPress Security Team.
- Finally, an unauthentic privilege escalation vulnerability was in a REST API endpoint. So, a report by Marc-Alexandre Montpas of Sucuri Security. *
Moreover, WordPress 4 comes with performance and optimization for speed.
Thank you to the reporters of these issues for practicing responsible disclosure.
Thanks to everyone who contributed to WordPress 4.7.2.
How Critical WordPress 4.7.2 Security Release Is?
Well, since it applies to the security of your site…it is VERY important. Don’t wait until your site is at risk or after you’ve lost potential leads or revenue. Take action and call up a web development expert today!
* Update: An additional serious vulnerability was a fix in this release, and public disclosure was a delay. For more information on this vulnerability, additional mitigation steps are taken, and an explanation for why the disclosure was delayed, please read Disclosure of Additional Security Fix in WordPress 4.7.2.
Visualmodo Themes Test