On 2 February, 2016, WordPress 3.7.13 was released to the public.
Installation/Update Information
To download WordPress 3.7.13, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.
For step-by-step instructions on installing and updating WordPress:
If you are new to WordPress, we recommend that you begin with the following:
- New To WordPress – Where to Start
- First Steps With WordPress or Upgrading WordPress Extended
- WordPress Lessons
Summary
From the announcement post, WordPress ersions 4.4.1 and earlier are affected by two security issues: a possible SSRF for certain local URIs, reported by Ronni Skansing; and an open redirection attack, reported by Shailesh Suthar.
List of Files Revised
wp-admin/about.php
wp-includes/version.php
wp-includes/http.php
wp-includes/pluggable.php
readme.html