Jun 5, 2017
WordPress 4.7.5 is the now for available for the users. This release is to cover up the security issues prevailing in their previous versions and therefore it is strongly recommended to update your WordPress websites.
Security issues in WordPress versions 4.7.4 and above:
- Insufficient redirect validation in the HTTP class.
- Sam Thomas reported about the inappropriate handling of post meta data values in the XML-RPC API.
- Ben Bidner who works with WordPress Security Team reported a lack of capability checks for post meta data in the XML-RPC API.
- Yorick Koster reported Cross Site Request Forgery (CSRF) loophole was uncovered in the filesystem credentials dialog.
- Ronni Skansing reported a cross-site scripting (XSS) vulnerability while uploading very large files.
- Weston Ruter of the WordPress Security Team reported cross-site scripting (XSS) vulnerability was uncovered related to the Customizer.
Apart from these aforementioned security breaches, WordPress 4.7.5 also includes 3 maintenance issues prevailing in the 4.7 series which might have an impact on WordPress web development services across the globe. In order to know more about this, you can check out the release notes or list of changes.
How to use WordPress 4.7.5?
In order to incorporate WordPress 4.7.5, you can download WordPress 4.7.5 or go to the Dashboard → Updates and click on “Update Now.” If your website supports automatic background updates then they were automatically updated to WordPress 4.7.5.
WordPress 4.8 release candidate is out!
WordPress 4.8 release candidate is now available in the market. RC is our final version of the task but as there are millions of users and numerous plugins as well as themes, it might be possible that something is still missing.
It is expected to get WordPress 4.8 release on Thursday, June 8. So, it is time to test WordPress 4.8. In order to test WordPress 4.8, one can make use of the WordPress Beta Tester plugin or download the release candidate from the official WordPress website.
After the release of Beta 2 version. Few more changes were made. In order to know in detail about the changes made you can go to the blog. Further, the company has requested to the WordPress developers, to test the compatibility of their plugins as well as themes with WordPress 4.8 and update these plugin’s Tested up to the one in the readme to 4.8.
In the case of any compatibility problems, you can contact the support forums in order to figure in order to rectify it before the final release. Plus, the company is coming up with an in-depth guide to developer-focused alterations will be released soon by the developers.
This software is under development, so it is recommended not to run it on your production site. However, if you want to test this feature then you can play with the new version. You can try the WordPress Beta Tester plugin in order to test the WordPress 4.8, Or you can download the beta version from the website.
To get to know more about 4.8, you can reach out the Beta 1 blog post. WordPress developers are advised to update their websites.
Feel free to post your queries in the comments section below.