Website Security Checkup – January 2017

Keeping your website software up to date is probably the single most important step for a secure website. Out of date software can make it easier for hackers to find ways to break into your website. For more information, see Software Maintenance & Website Security.

WordPress & Joomla Release Summary

January 2017


There were 2 security releases in January. By default, a security release will be applied automatically if you are on WordPress 3.7 or higher.

Current release: 4.7.2NEW SECURITY RELEASE – Release date: January 26, 2017

More WordPress info

Quick overview of v4.7.2:

  • Fixes 3 security issues
  • The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it.
  • WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data.
  • A cross-site scripting (XSS) vulnerability was discovered in the posts list table.

More Details on v4.7.2

Previous release: 4.7.1 SECURITY RELEASE – Release date: January 11, 2017

Next scheduled release: 4.7.3, in 2017


There were no Joomla releases in January.

Current release: 3.6.5SECURITY RELEASE – Release date: December 13, 2016

More Joomla info

Quick overview of security release 3.6.5:

  • 1 high priority and 2 low priority security issues fixed
  • 4 bugs fixed

More Details on v3.6.5

Next scheduled release: 3.7, March, 2017

SECURITY RELEASE means that security vulnerabilities have been found in the software and will be fixed by this release. To protect your site from hackers and malware, you should update to this release as soon as possible.

Tags: ,

Trackback from your site.

Leave a comment