If you're running WordPress 4.7 and have not yet updated to 4.7.2, please do so immediately. Additional details were released this morning concerning a previously undocumented vulnerability that was patched in 4.7.2. This vulnerability could easily allow anyone to modify any post on your WordPress and the exploit potential goes well beyond that.

4.7.2 was released on January 26th so if you have automatic updates enabled this update will have already been applied. Please double check your WP admin panel to be sure.

Additional details here: https://make.wordpress.org/core/2017...rdpress-4-7-2/