{"id":1239,"date":"2017-03-07T09:01:30","date_gmt":"2017-03-07T09:01:30","guid":{"rendered":"http:\/\/ukwebsolutionsdirect.co.uk\/blog\/?p=1239"},"modified":"2017-03-07T09:08:48","modified_gmt":"2017-03-07T09:08:48","slug":"wordpress-4-7-3-security-release","status":"publish","type":"post","link":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wordpress-hosting\/wordpress-4-7-3-security-release","title":{"rendered":"WordPress 4.7.3 Security Release"},"content":{"rendered":"<p>A new version of WordPress has just been released. <strong><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/wordpress.org\/news\/2017\/03\/wordpress-4-7-3-security-and-maintenance-release\/\" target=\"_blank\">WordPress 4.7.3<\/a><\/span><\/strong> is the third in a series of recent security releases for WordPress core. The older version, 4.7.2 was released on January 26th to fix a now famous <strong><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"http:\/\/www.bbc.com\/news\/technology-38930428\" target=\"_blank\">WordPress\u00a0vulnerability<\/a><\/span><\/strong>.<\/p>\n<p>The new 4.7.3 core release addresses three\u00a0Cross Site Scripting\u00a0vulnerabilities:<\/p>\n<ul>\n<li>Cross-site scripting (XSS) via media file metadata.<\/li>\n<li>Cross-site scripting (XSS) via video URL in YouTube embeds.<\/li>\n<li>Cross-site scripting (XSS) via taxonomy term names.<\/li>\n<\/ul>\n<p>Moreover, this latest version also fixed the following security issues:<\/p>\n<ul>\n<li>\u00a0Control characters can trick redirect URL validation.<\/li>\n<li>Unintended files can be deleted by administrators using the plugin deletion functionality.<\/li>\n<li>Cross-site request forgery (CSRF) in \u201cPress This\u201d leading to excessive use of server resources.<\/li>\n<\/ul>\n<p>WordPress 4.7.3 also contains 39 maintenance fixes for a range of non-security related issues.<\/p>\n<p>We highly recommend that you upgrade to this new release as soon as possible. Since this release fixes important security vulnerabilities, we may see attacks targeting these vulnerabilities in the coming days if your website is not updated to the latest version.<\/p>\n<p>As you know, your website\/s should be automatically updated, but if you don\u2019t want to wait, browse to Dashboard &gt; Updates and click the Update Now button.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new version of WordPress has just been released. WordPress 4.7.3 is the third in a series of recent security releases for WordPress core. The older version, 4.7.2 was released on January 26th to fix a now famous WordPress\u00a0vulnerability. The new 4.7.3 core release addresses three\u00a0Cross Site Scripting\u00a0vulnerabilities: Cross-site scripting (XSS) via media file metadata. [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[207,97],"tags":[42,213],"_links":{"self":[{"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1239"}],"collection":[{"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=1239"}],"version-history":[{"count":2,"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1239\/revisions"}],"predecessor-version":[{"id":1241,"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1239\/revisions\/1241"}],"wp:attachment":[{"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=1239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=1239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ukwebsolutionsdirect.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=1239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}