WordPress 4.7.5 security update

Automattic released WordPress 4.7.5. It's a security update for all previous releases and you should upgrade your pages directly.WordPress 4.7.5
WordPress version 4.7.4 and earlier are affected by six Security:

  • Insufficient HTTP class redirect validation. It was mentioned by Ronni Skansing.
  • Inappropriate handling of post-metadata from the XML-RPC API. It was reported by Sam Thomas.
  • Lack of post-data metadata capability in the XML-RPC API. It was reported by Ben Bidner of the WordPress Security Team.
  • Cross Site Request Forgery (CRSF) vulnerability in the file system credentials dialog box. It was mentioned by Yorick Koster.
  • Vulnerability scripting (XSS) when trying to send very large files. Reported by Ronni Skansing.
  • Cross-site scripting (XSS) vulnerability in Customizer. It was mentioned by Weston Ruter of the WordPress Security Team.

In addition to the above security issues, WordPress 4.7.5 contains 3 maintenance fixes. For more information, see them release notes ή consult the list of changes.

Download the new one WordPress 4.7.5 or upgrade from Dashboard → Updates with on the “Update Now” button.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.087 registrants.

automatticclasscrosscross-sitehttpI'm surerequestscriptingwordpresssecurityversioninformationclickbuttoninformation

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).