Like with any WordPress update that gets released, it is always a good idea to make sure you have a solid backup before you update. But I’m sure the actual question many of you have is what’s in this latest maintenance release?
- This is mainly a security release that patches 3 bugs as well.
- 4.7.5 patches the following security issues
- Insufficient redirect validation in the HTTP class.
- Improper handling of post meta data values in the XML-RPC API.
- Lack of capability checks for post meta data in the XML-RPC API.
- A cross-site request forgery (CRSF) vulnerability in the filesystem credentials dialog.
- A cross-site scripting (XSS) vulnerability when uploading large files.
- A cross-site scripting (XSS) vulnerability in the Customizer.
Because this is primarily a security release, it is recommended to update your WordPress sites as soon as possible.