Website Security Checkup – March 2017

Keeping your website software up to date is probably the single most important step for a secure website. Out of date software can make it easier for hackers to find ways to break into your website. For more information, see Software Maintenance & Website Security.

WordPress & Joomla Release Summary

March 2017

WordPress

Current release: 4.7.3NEW SECURITY RELEASE – Release date: March 6, 2017

More WordPress info

Quick overview of v4.7.3:

This release contains 39 maintenance fixes to the 4.7 release series.

And it fixes 6 security issues:

  • Cross-site scripting (XSS) via media file metadata.
  • Control characters can trick redirect URL validation.
  • Unintended files can be deleted by administrators using the plugin deletion functionality.
  • Cross-site scripting (XSS) via video URL in YouTube embeds.
  • Cross-site scripting (XSS) via taxonomy term names.
  • Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.

More Details on v4.7.3

Next scheduled release: 4.7.4, April-May, 2017

Joomla

There were no Joomla releases in March.

Current release: 3.6.5SECURITY RELEASE – Release date: December 13, 2016

More Joomla info

Quick overview of security release 3.6.5:

  • 1 high priority and 2 low priority security issues fixed
  • 4 bugs fixed

More Details on v3.6.5

Next scheduled release: 3.7, March, 2017

SECURITY RELEASE means that security vulnerabilities have been found in the software and will be fixed by this release. To protect your site from hackers and malware, you should update to this release as soon as possible.

Tags: ,

Trackback from your site.

Leave a comment