WordPress on January twenty six two thousand seventeen released a security update 4.7.2. This is an update for all previous versions of WordPress. This update includes three security fixes.
Security fixes in WordPress 4.7.2 include:
* Assigning taxonomy user interface viewable by users without permissions
* WP_Query vulnerable to SQL injection
* Cross site scripting vulnerability discovered in posts list
You can update your version of WordPress to 4.7.2 by clicking on your “Dashboard” if not already there. Then select “Updates”. Finally click on “Update Now”.
If your WordPress site was configured with automatic background updates, then you should already be updated to 4.7.2. Also, you can download update 4.7.2 directly from WordPress.org. Finally, check out this WordPress 4.7.2 update blog post for more details.