WordPress Security Update Released – Version 4.7.3

Earlier today, WordPress released a new update to take care of some security issues. If you’re running WordPress on your website, and have auto-update enabled, then your site will update today March 6th, 2017. If you have the automatic updates turned off, it’s recommended to make the update as there are some potential security issues that this update resolves.

What’s Changed In The WordPress 4.7.3 Update?

There were six items that the security update addresses;

Three different Cross-site Scripting (XSS) exploits, some URL Redirection validation, core files deleted by admins when removing plugins, and a removal of code pertaining to the Press This function which could lead to an excessive use of resources.

On the surface, the excessive use of resources doesn’t seem like something people really pay attention to, however, if you use too many resources, your web hosting company will take notice, and invariably, suspend your website.

What Else Was Updated?

Since we’re changing versions from 4.7.2 to 4.7.3, there were 39 maintenance items that were addressed by the WordPress team.  Some of the updates were minor such as the saving of images after rotating them in the media section, but most of them dealt with bugs or alerts produced by the code.

There were also some changes to the shortcodes to help deal with the PHP 7.1 software used by many hosting companies.

If you’re not already using PHP 7.x on your website, we strongly recommend checking with your host to update your site to the new version. PHP 7 is a much faster (and stable) release of PHP.  Click this link to read about the future requirements of WordPress and PHP 7 by Default.

Questions Related To Your Site and Plugins

If you have any issues related to your website and the new version of WordPress, or how your site will handle the update depending on your plugins installed, please contact us.  Before making any updates to your site, we strongly recommend making a backup, and don’t just trust that your website will update correctly, or that your web host is doing a backup for you! Many times, their backups are insufficient and at times, incomplete.

Share this post

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email
Check Out These Other Articles
WordPress Update and Management in Omaha

First WordPress Update of 2018 – Version 4.9.2

On January 16th, 2018, WordPress pushed out their latest update for their software.  For most people, this means they have upgraded to 4.9.2 automatically, but because this was a security update, anyone using older versions of WordPress also received some form of an update! What’s In The New Update? In short, not much.  This was mainly a security and maintenance


W3 Total Cache Plugin – XSS Vulnerability 9/23/2016

W3 Total Cache is an optimization plugin for WordPress which will cache pages and posts and speed up the website. On September 23rd, 2016 it was announced a new Cross Site Scripting vulnerability, commonly known as an “XSS Vulnerability.” As of 8 pm CDT on September 23rd, 2016, there is no fix/patch available. Your only option currently is to disable

PHPMailer Security Vulnerability – Affects WordPress

I hope you enjoyed the Christmas Holidays because we’re right back into software security and vulnerability issues. This week, we’re looking at PHPMailer 5.2.18 and lower. LegalHackers released an announcement on Christmas Day that a new vulnerability has been discovered in PHPMailer 5.2.18, and as a result, the WordPress Core software. You can read the LegalHackers announcement here. What is