Website Security Checkup – March 2017
Keeping your website software up to date is probably the single most important step for a secure website. Out of date software can make it easier for hackers to find ways to break into your website. For more information, see Software Maintenance & Website Security.
WordPress & Joomla Release Summary
Current release: 4.7.3 – NEW SECURITY RELEASE – Release date: March 6, 2017
More WordPress info
Quick overview of v4.7.3:
This release contains 39 maintenance fixes to the 4.7 release series.
And it fixes 6 security issues:
- Cross-site scripting (XSS) via media file metadata.
- Control characters can trick redirect URL validation.
- Unintended files can be deleted by administrators using the plugin deletion functionality.
- Cross-site scripting (XSS) via video URL in YouTube embeds.
- Cross-site scripting (XSS) via taxonomy term names.
- Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.
Next scheduled release: 4.7.4, April-May, 2017
There were no Joomla releases in March.
Current release: 3.6.5 – SECURITY RELEASE – Release date: December 13, 2016
More Joomla info
SECURITY RELEASE means that security vulnerabilities have been found in the software and will be fixed by this release. To protect your site from hackers and malware, you should update to this release as soon as possible.
Trackback from your site.