WordPress have released a security update for versions 4.7.4 and earlier which fixes six discovered security issues covering a SQL Injection vulnerability, an XSS vulnerability a CSRF vulnerability and multiple issues with XML-RPC API.
You are recommended to update your WordPress version immediately.
Remember to always take a full backup of your files and database before running updates!