If you have a WordPress website, PLEASE NOTE: FIX THIS ASAP

>cross-posting in Computer Help and Support<

The recent 4.7.1 release of WordPress software contained a large hole enabling privilege updating and content injection.

They quietly fixed it with the 4.7.2 release-- 'quietly' because it's so big and so easily-exploitable a hole that anyone with the older version is extremely vulnerable and they were hoping to get as many people updated as possible before doing a public "my bad" that would alert crackers to the fun and easy exploit possibilities.

And, sure enough, as soon as the word got out, thousands of sites that hadn't updated were targeted with varying levels of nastiness.

So please, if you have a WordPress site, check to see you are running 4.7.2, and if you find you have the older version, first check to see if you've been hacked: the clue is usually replacement titles on your posts, sometimes they are also redirect links so DO NOT CLICK on any weird-looking titles. Go to WordPress help forums and find this handy guide: https://codex.wordpress.org/FAQ_My_site_was_hacked

Work it through, and then restore from an older content backup, if you have to.

If you haven't been hacked, update to 4.7.2 immediately and thank your lucky stars.

helpfully,
Bright