WordPress Important Security Update
In a new WordPress update, all WordPress users are strongly encouraged to ensure they have installed the latest version (version 4.7.2) or they will be leaving their site vulnerable to a hijack. The vulnerability would allow an attacker to change content on a WordPress site. This could potentially introduce harmful links, malicious software or include the site in a phishing scam.
On January 20, security firm Sucuri, notified WordPress of their discovery. The information was not made public until now because WordPress wanted to resolve the issue first before bringing it to the press. Main hosting services and security companies were notified immediately. However, now that this is public knowledge, attackers could potentially target sites that have not updated the latest installation.
So if you’re running a WordPress site and don’t have automatic updates, be sure to install version 4.7.2.
Recent Comments
10
Thank you for explaining this. I received a notice to install WordPress 4.7.2 but did not do it. Now I will.
See more comments
Hi Derek,
Wordpress sent me an email on this saying they will automatically install this security update. I didn't have to do anything, this was a couple of weeks ago approximately.
I did at the time of reading the email, check my wordpress editor and yes it was already automatically updated to 4.7.2
John