thumb image

All about WordPress 4.7 “Vaughan” Plus its Security and Maintenance Updates

Category : WordPress

WordPress is awesome. Now, we’re expecting amazing updates and new features with the latest release of WordPress 4.7. This is the major update by WordPress in years. And yes it has many new features, which will make publisher’s life easy and developer’s life simple.

The major update named “Vaughan” after the legendary jazz singer Sarah “Sassy” Vaughan.  It is available for download and you can update in your WordPress dashboard. Let’s scroll down to find more about the new features to create your site set up the way you want!

Watch to know more about WordPress 4.7

Main Highlights of WordPress 4.7

Twenty Seventeen: This is a brand new default theme with immersive featured images and video header. Wow, videos in your website’s header- Isn’t it amazing?

WordPress4.7-TwentySeventeen

It focuses on business websites and front page is completely customizable with many other sections. This gives you a freedom to create a front page in a style you desire. Create your website in a personalized style with the help of widgets, navigation, a logo, social menus, custom colors, and more.

Takeaway: Get a video enabled header to your business or personal website with lots of new and customized features.

Edit Shortcuts: This is a new feature added to the latest version, which you can use in customizing your website with live preview. You’ll be able to edit or customize only those features where the related icons gets visible. The feature enable you customizing the website faster than ever.

Takeaway: Get the desired look and feel to your website while having real-time preview with Edit Shortcuts.

Smoother Menu Building: Unlike the last version to create a custom menu you need not to set or create pages/categories in advance. Here with the latest WordPress 4.7 you can add new pages while creating menu. This way whenever you’ll be making your customization live, the pages will be ready for publishing content and other updates. How smooth it has got to build a WP site using this new amendment, Isn’t it?

WordPress 4.7SmootherMenuBuilding

Takeaway: The new feature will help the developer’s community in building menus and pages easier and faster. Publishers and WordPress admin will be able to update content faster.

Custom CSS: This is a new feature added to update your website. By making some visual tweaks you can make a website look perfect.

WordPress4.7-CustomCSS

Takeaway:  Please make a note, adding inline CSS is not good for SEO and it also affects page speed.  Thus, Monks recommend not to use this feature without expert’s consultation.

PDF Thumbnail Preview:  Now document management in your WordPress editor has got easy. It provides you with the thumbnail images while uploading PDFs. Managing different PDF files in your WordPress editor has become easier than ever.

WordPress4.7PDFThumbnailPreview

Takeaway: Get the thumbnail preview while selecting any PDF document for publishing and distributing across the network.

Multilingual Dashboard: Get the dashboard in your favorite language with the WordPress 4.7. You’ll get the different language options in your user profile. Select the favorite language and get it on your dashboard.

WordPress4.7-MultilingualDashboard

Takeaway: It will help site administrator to get help from native people.

WP REST API: This helps you in accessing your website data through easy-to-use HTTP REST API. No need to install any plugin to make this happen as this functionality is inbuilt with the latest version of WordPress 4.7.

WordPress4.7-WP-REST-API

Takeaway:  Grab your website’s data in a simple JSON format.

Here comes some more happiness and we call it Developer’s Delight. 

Post Type Templates: Extend your template building capabilities with Post Type Templates. Start creating awesome templates and themes for your WordPress website.

Takeaway: Theme developers will get a new functionality to craft themes with more flexibility. Isn’t it amazing?

Custom Bulk Action: WP_Hook code is modernized and enabling much more functionalities with bulk action like edit, delete and export/import etc.

WordPress 4.7.1 – Security + Maintenance Update

This is the first update after releasing the new version of WordPress, Vaughan. It is a combination of security upgrade and maintenance update.

The Main Highlights

 The first security update is about REST API, which were exposing user’s data to public. Now with the latest version this issue has been resolved.

Cross-site scripting via a plugin update: Cross-site scripting (XSS) enables attackers to inject client side scripts, which exposed the site data to other users.

Meanwhile, XSS via theme and XSS via plugin vulnerability observed and gets resolved with the latest version.

Also, weak cryptographic security for multi-site activation key gets resolved.

WordPress 4.7.2: Security Release

WordPress 4.7.2 is a core security update to fill all the security loopholes in the latest version.

WP_Query, the heart of the development process found a SQL injection when passing unsafe data. With the latest security update WordPress has resolved this issue.

But, a cross-site scripting (XSS) vulnerability discovered and have solved in the posts list table.

Moreover, an unauthenticated privilege escalation vulnerability observed in a REST API endpoint.  The issue gets solved with the security update 4.7.2 makes your website more secure than ever.

Monks love WordPress and it’s simply awesome. Let’s get updated with the latest version of WordPress and get awesome on the web. Monks are happy to help you with updating your site with the latest version.

WordPress 4.7.3: Security + Maintenance Update

March 6, 2017 WordPress has released the latest update on security and maintenance. The security update released by WordPress is the cure to the 6 security issues observed in the last security update 4.7.2.

  1. Cross-site scripting (XSS) through media file metadata
  2. Redirect URL validation can be tricked with control characters
  3. Administrator can delete unintended files using the plugin deletion functionality
  4. Cross-site scripting (XSS) through video URL in YouTube embeds
  5. Taxonomy term names for cross-site scripting (XSS)
  6. Cross-site request forgery (CSRF) results into excessive use of server resources

Along with these security fixes it also includes 39 maintenance fixes to the WordPress 4.7. This simply indicates the stability of the WordPress core.

Monks’ Recommendation

Always update your WP Website to the latest version to all major and minor releases. If you need help with latest WP update, contact expert Monks.

The following two tabs change content below.
Nick is a tech monk working as a Marketing Head at WebbyMonks. He loves to explore cutting edge technology and share his write-ups through this blog. An avid learner, WordPress lover, passionate technology enthusiasts, and interested in everything tech. While not writing for technology you can find him fishing, shooting with camera, and brewing more filter coffee. On a lighter note, he is here to learn, explore, and overcome technology while falling in love with the tiny nonsense of daily life.