If you have not updated your WordPress installations to WordPress 4.7.2, you need to do so now.
Three security vulnerabilities were highlighted in the release notes last week, see WordPress 4.7.2 security release however another critical security fix was disclosed yesterday, see disclosure of additional security fix in WordPress 4.7.2.
In this security disclosure, an Unauthenticated Privilege Escalation Vulnerability in a REST API Endpointvulnerability was disclosed to exist in WordPress 4.7 and 4.7.1. This vulnerability allows attackers to bypass standard WordPress security measures in order to change content. Because of the significance of this vulnerability, we strongly recommend you update your WordPress websites to WordPress 4.7.2 as quickly as possible.
All the sites we manager are updated, by us every day. If your site is not running the latest version of WordPress and any plugins and themes your site is vulnerable. Sign up for our maintenance service today and be safe in the knowledge that your WordPress sites will always be up to date, backed up and secure.
Sign up now
