A few short weeks ago a serious WordPress vulnerability was found in version 4.7 and 4.7.1.
Are You Protected?
WPStrands customers have nothing to worry about as all sites were updated automatically last week as soon as the new version was released.
But if you haven’t yet updated your WordPress site, do so immediately.
Bug Not Announced
This problem was not made public until this week so that hacker communities could not exploit it fully but it is now public knowledge.
The bug concerns the WordPress REST API and allows an attacker to alter the contents of any post on your WordPress website.
Even if you’re not familiar with and never use the REST API it’s still important because this WordPress vulnerability is active by default in version 4.7 and 4.7.1.
More Attacks Guaranteed
What this means is that anyone running WordPress version 4.7 or 4.7.1 is vulnerable to attacks and it’s almost guaranteed these attacks will see a sudden rise after the bug being made public this week.
The solution is to upgrade to WordPress version 4.7.2 immediately. Version 4.7.2 includes a patch which fixes this bug.
If you have any questions about this or any other WordPress vulnerability just get in touch or ask in the comments below.