WordPress 4.7.3 Is Now Available

April 28, 2017
Security Advisory

WordPress 4.7.3 is now available. It is strongly recommended that you update your sites to the most current version.

A remote attacker could exploit some of these vulnerabilities to take control of an affected website. WordPress versions 4.7.2 and earlier are affected by these six critical security issues listed below:

Cross-site scripting (XSS) via media file metadata
Control characters can trick redirect URL validation
Unintended files can be deleted by administrators using the plugin deletion functionality
Cross-site scripting (XSS) via video URL in YouTube embeds
Cross-site scripting (XSS) via taxonomy term names
Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources

For more information, please visit https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/.

Patch Now: PaperCut MF/NG vulnerability

Patch Now: Adobe ColdFusion

UCLA Football Tickets Scam In Group Chats

Microsoft BlueBleed Data Leak

Cyber Threat Actor Group “Vice Society” Targeting UCLA and Education Sector