Why You Should Upgrade Wordpress Websites to the Latest Version 4.7.2
The bottom line in the software industry to remain safe is to be updated. WordPress unarguably powers about 67% of the internet, according to a study by Web Technology Survey on CMS providers and this is lucrative for attackers to research exploits to make money and misuse them. It has come to the notice that 4.7 and 4.7.1 had security vulnerability in REST API Endpoint what is known as Unauthenticated Privilege Escalation that went undetected because of which any unauthorized user/hacker could gain access to your content and alter/delete them. So, in layman terms, it allows an easy backdoor to attackers to bypass the standard WordPress security measures and mingle with the contents on the site.
- Follow the instructions from the official site of WordPress for a backup.
- Update to WordPress 4.7.2 of the latest security patch.
In particular cases, it has been found that the security threat can be overcome by changing a flag. For example, you might want to check out if you are using iThemes Security plug-in with your site, where the setting for REST API should be set to “Restricted Access”. Nevertheless, backup, follow the routine and update to 4.7.2 as soon as possible.
The entire change log can be accessed again from their official site. These include apart from the main part above greater speed making it more efficient with the resources, a lot of other bug fixes, and not to mention increased compatibility with latest plug-ins, themes and much more. You can check for updates by going to Dashboard >> Updates.