WordPress 4.7.3: Update of security and maintenance

WordPress 4.7.3 is already available. This is an update of security for all the previous versions and we warmly animated to you to update your WordPress immediately to avoid vulnerabilities of type cross-site scripting (XSS).

Source: WordPress.org Spanish
Published


All the previous versions of WordPress 4.7.2 and are affected by six problems of security:

  1. Cross scripting (XSS) through metadata of means archives. Informed by Chris Andr¨ Dale, Yorick Koster and Simon P. Briggs.
  2. The control characters can deceive the validation of redirection of the URL. Informed by Daniel Chatfield.
  3. The administrators can erase archives without wanting when using the functionality of erasure of plugins. Informed by xuliang.
  4. Cross scripting (XSS) through the inlhelp URL of the video in of YouTube. Informed by Marc Montpas.
  5. Cross scripting (XSS) through names of terms of taxonomies. Informed by Delta.
  6. Cross request forgery (CSRF) in Publishing this that takes to an excessive consumption of resources of the servant. Informed by Sipke Mellema.

In addition to the informed problems of security above, WordPress 4.7.3 contains 39 adjustments of maintenance for all the series of versions 4.7.

It easily installs or it updates WordPress to the last version with Installatron, the installer of applications that we offer in all the plans of lodging Advanced Web or superior.

Related articles