Wordpress security bugs from version 4.7.1 or lower
Currently, WordPress version 4.7.2 was provided. This is the release to patch security bugs from version 4.7.1 wordpress or less and ShineTheme encourage you to update to this new version now for your WordPress website.
Version 4.7.1 or less affected by security issues following 4:
The user interface for the classification of accounts in the website is displayed to the user is not authorized to use it.
WP_Query affect SQL injection when data transfer is not secure. The major part of WordPress is not affected directly by this issue. However, WordPress has also added features to prevent the risk from this issue.
XSS bug was discovered in the article list.
A flaw was discovered in the REST API endpoint.
However, security flaws have been fixed in this WordPress version 4.7.2. So ShineTheme please notify Customers quickly update to this version to avoid being affected by the above problems.
Note: You should back up the source code of the website and database before upgrading.