WordPress 4.7.3 Security and Maintenance Release Notes

  • March 10, 2017
  • Ashish Shah
  • WordPress
  • No Comments
WordPress-4.7.3-Security-and-Maintenance-Release-Notes

A recent security update has been released by wordpress.org regarding website security protocols. The security has been termed as “WordPress 4.7.3 Security and Maintenance Release”. WordPress.org strongly recommends its users to update this version of the security in the respective websites.

The functionalities of the security update are as follows:

 

Cross site scripting (XSS) via media file

This update is very crucial since hackers use this script to extract all the password vulnerabilities by passing the access controls of the websites, such as origin policy. The breach can result in missing information from the website or may be a total website shut down.

Cross-site scripting (XSS) via taxonomy term names

This security update will control the hackers to use common internet protocol taxonomies or related terminology which are usually used to infringe the security rules of the websites.

Cross-site scripting (XSS) via video URL in YouTube embeds

Embedded contents in youtube often infringed by using the share/ like or comment section. The virus thus attacks the site through such embedded contents and will automatically route to the Trojan content files. This security update will prevent the hacker from such breach.

Cross-site request forgery (CSRF) in Press

This update leads to excessive use of server resources. This helps the administrators to restrict use of the unwanted website space by the users.

Control characters can trick redirect URL validation

This update will enable the user to migrate to different URL and can gather more information, restricting this URL redirection can result to confinement of the website to limited users.

Unintended files can be deleted by administrators using the plug-in deletion functionality

This update is crucial from the administrator’s point of view. This will enable to keep the website clean and free from unwanted cookies that get added during transaction and surfing.

About The Author

Avatar

Ashish Shah

Ashish Shah is the Founder and CEO of NCode Technologies, Inc. a leading Web & Mobile App Development Company based in India. He is the chief mentor and strategist with over 10+ years of experience in providing various IT solution to different industries. He also likes to share his view on different technology and marketing techniques via different blogs and articles.