WordPress have released a security update for versions 4.7.1 and earlier which fixes three security discovered security issues covering a SQL Injection vulnerability, an XSS vulnerability and unauthenticated privilege escalation in the REST API.

You are recommended to update your WordPress version immediately.

Remember to always take a full backup of your files and database before running updates!