WordPress issues version 4.7.3 with six security fixes

WordPress has released version 4.7.3 of its uber-popular content management system, and “strongly encourages” users to update right away to take advantage of the six security fixes it includes.

The company says previous versions are impacted by these security issues:

1. Cross-site scripting (XSS) via media file metadata.
2. Control characters can trick redirect URL validation.
3. Unintended files can be deleted by administrators using the plugin deletion functionality.
4. Cross-site scripting (XSS) via video URL in YouTube embeds.
5. Cross-site scripting (XSS) via taxonomy term names.
6. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.

This version also includes fixes for almost 40 maintenance issues.

WordPress users with automatic background updates enabled are already getting notified that their sites have been updated. Others can do the update manually by visiting their WordPress dashboard.

---

About The Author

Matt McGee is the Editor-In-Chief of MarTech Today. His news career includes time spent in TV, radio, and print journalism. After leaving traditional media in the mid-1990s, he began developing and marketing websites and continued to provide consulting services for more than 15 years. His SEO and social media clients ranged from mom-and-pop small businesses to one of the Top 5 online retailers. Matt is a longtime speaker at marketing events around the U.S., including keynote and panelist roles. He can be found on Twitter at

@MattMcGee

. You can

read Matt's disclosures

on his personal blog. You can reach Matt via email using our

Contact page

.

from MarTech Today | Marketing Technology News & Management Insights http://ift.tt/2mOpgNM
via IFTTT