Go to top of page

Update WordPress to version 4.7.3 to protect users

Priority Level: 
8 March 2017

WordPress has released an update to address security vulnerabilities on its popular blogging and content management system. These vulnerabilities may allow for attacks against the blog’s users and servers.

WordPress has advised users to immediately update their sites to version 4.7.3 to protect themselves.

The new version contains changes that address six vulnerabilities present in previous versions. Three of these vulnerabilities may allow an attacker to trick a user into thinking a malicious site is in fact a legitimate WordPress site. The victim may inadvertently provide data to the attacker’s site that was intended for the legitimate site, such as passwords and private information.

Another vulnerability addressed in this update may allow an attacker to send a malicious message that prompts a WordPress user’s site to use excessive server resources. This can make the site slow to respond or temporarily unavailable.

To update WordPress, log into your site as an administrator and click ‘Updates’ in the WordPress Dashboard. Sites with automatic updates should perform this task without manual intervention.

Stay Smart Online recommends automating updates to all software that supports the features. WordPress have released instructions on configuring your system to automatically update.

More information

For technical information on the update, see the post on the official WordPress blog.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.