WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.7.2 and earlier are affected by six security issues:
1.Cross-site scripting (XSS) via media file metadata.
2.Control characters can trick redirect URL validation.
3.Unintended files can be deleted by administrators using the plugin deletion functionality.
4.Cross-site scripting (XSS) via video URL in YouTube embeds.
5.Cross-site scripting (XSS) via taxonomy term names.
6.Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.
อ่าน :
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
หัวข้อ: WordPress 4.7.3 อัพเดท เปิดตัวระบบรักษาความปลอดภัย (อ่าน 24574 ครั้ง)