Version 4.7.2 of WordPress is vulnerable
High
Nextcloud
Reported by
demo--hacker
Vulnerability Details
Technical details and impact analysis
Hello team,
I observed that your website https://nextcloud.com still uses WordPress 4.7.2.
Version 4.7.2 of WordPress is vulnerable to:
Cross-site scripting (XSS)
Control characters can trick redirect URL validation
Cross-site scripting (XSS) via video URL in YouTube embeds
Cross-site scripting (XSS) via taxonomy term names
Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources
Fix:
Upgrade to WordPress 4.7.3
More information: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
Best regards
Rey Mark
Report Details
Additional information and metadata
State
Closed
Substate
Resolved