WordPress 4.7.3 Security Release

wordpress 4.7.3
WordPress 4.7.3

WordPress just released version 4.7.3. This is security update and you should update your blog(s) as soon as possible.

Security issues that were fixed in version 4.7.3:

– Cross-site scripting (XSS) via media file metadata.
– Control characters can trick redirect URL validation.
– Unintended files can be deleted by administrators using the plugin deletion functionality.
– Cross-site scripting (XSS) via video URL in YouTube embeds.
– Cross-site scripting (XSS) via taxonomy term names.
– Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.

Also, WordPress version 4.7.3 contains 39 maintenance fixes.

If you need any help updating your WordPress installation please submit a ticket and we’ll be happy to help.

Leave a Reply