Automattic has just released the new WordPress 4.7.2, άλλη μία ενημερωμένη έκδοση του δημοφιλούς CMS. Η νέα έκδοση έρχεται με μερικές βελτιώσεις security. According to the official announcement:
"Versions prior to WordPress 4.7.1 and 4.7.1 are affected by three security issues:
Η interface user in Press This taxonomy terms is displayed to users who do not have rights to use it. Reported by David Herrera of Alley Interactive.
WP_Query is vulnerable to SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but it was further tempered to prevent issues from plugins. It was mentioned by Mo Jangda (batmoo).
A cross-site scripting (XSS) vulnerability was discovered in the message board. Reported by her Ian Dunn teamWordPress Security.”
Read above
https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
Download the new version or upgrade directly from panels management.