Languages: English • 4.7.2 日本語 (Add your language)
On 26 Jan, 2017, WordPress 4.7.2 was released to the public.
To download WordPress 4.7.2, update automatically from the Dashboard > Updates menu in your site's admin area or visit https://wordpress.org/download/release-archive/.
For step-by-step instructions on installing and updating WordPress:
If you are new to WordPress, we recommend that you begin with the following:
From the WordPress 4.7.2 release post: WordPress versions 4.7.1 and earlier are affected by three security issues:
WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo).From the additional 4.7.2 security disclosure, WordPress versions 4.7.0 and 4.7.1 are affected by the following security issue:
wp-admin/about.php wp-admin/includes/class-wp-press-this.php wp-admin/includes/class-wp-posts-list-table.php wp-includes/version.php wp-includes/class-wp-query.php wp-includes/class-wp-comment.php wp-includes/class-wp-term.php wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php wp-includes/rest-api/endpoints/class-wp-rest-post-types-controller.php wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php wp-includes/rest-api/endpoints/class-wp-rest-post-statuses-controller.php wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php wp-includes/class-wp-post.php wp-includes/rest-api.php