Automattic just released the new WordPress 4.7.2, another update version of the popular cms. The new edition έρχεται με μερικές βελτιώσεις security. According to the official announcement:
"Versions prior to WordPress 4.7.1 and 4.7.1 are affected by three themesecurity:
The user's user interface in the Tax This is displayed to users who have no rights to use it. It was mentioned by David Herrera of Alley Interactive.
WP_Query is vulnerable to SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we have hardened it further to prevent issues from plugins. Reported by Mo Jangda (batmoo).
A vulnerability cross-site scripting (XSS) was discovered on the message board. Reported by Ian Dunn of the WordPress security team.”
Read above
https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
Download the new version or upgrading directly from the management panel.