Website Security Checkup – January 2017
Keeping your website software up to date is probably the single most important step for a secure website. Out of date software can make it easier for hackers to find ways to break into your website. For more information, see Software Maintenance & Website Security.
WordPress & Joomla Release Summary
There were 2 security releases in January. By default, a security release will be applied automatically if you are on WordPress 3.7 or higher.
Current release: 4.7.2 – NEW SECURITY RELEASE – Release date: January 26, 2017
More WordPress info
Quick overview of v4.7.2:
- Fixes 3 security issues
- The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it.
- WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data.
- A cross-site scripting (XSS) vulnerability was discovered in the posts list table.
Previous release: 4.7.1 SECURITY RELEASE – Release date: January 11, 2017
Next scheduled release: 4.7.3, in 2017
There were no Joomla releases in January.
Current release: 3.6.5 – SECURITY RELEASE – Release date: December 13, 2016
More Joomla info
SECURITY RELEASE means that security vulnerabilities have been found in the software and will be fixed by this release. To protect your site from hackers and malware, you should update to this release as soon as possible.
Trackback from your site.