It’s been a bad few weeks to be a WordPress administrator, with a number of security updates to the core content management system and a handful of widely used third-party plugins. Get those patches before someone comes along and defaces your website, steals information from the database, or modifies the site to distribute malware.
The latest update, version 4.7.3, is a combination maintenance release and security update that addresses six security vulnerabilities and 39 maintenance issues. Three of the six security vulnerabilities can lead to cross-site scripting attacks.
“This is a security release for all previous versions, and we strongly encourage you to update your sites immediately,” WordPress said in its release notification.