About that WordPress 4.9.7 Security and Maintenance Release
As you recall in my earlier discussion about an exploit in pre-4.9.7 versions of WordPress, “WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads directory.”
So that was “issue” was patched in this update, as well as 17ish others:
Taxonomy: Improve cache handling for term queries.
Posts, Post Types: Clear post password cookie when logging out.
Widgets: Allow basic HTML tags in sidebar descriptions on Widgets admin screen.
Community Events Dashboard: Always show the nearest WordCamp if one is coming up, even if there are multiple Meetups happening first.
Privacy: Make sure default privacy policy content does not cause a fatal error when flushing rewrite rules outside of the admin context.
Enjoy the life!