WordPress 4.9.1 was released on November 29, 2017 and It is recommended that you update as soon as possible. It is recommended that you update as soon as possible because this release addresses four security issues.
On Oct. 31, 2017, WordPress announced the release of 4.8.3; a security release for 4.8.2 and all earlier versions. If you have a WordPress site, it is strongly encouraged that you update immediately.
Yesterday’s fix doesn’t necessarily affect the WordPress core itself, but creates a hardening to prevent vulnerabilities in plugins or themes that may be used on your site.
If your host or maintenance service provider has not contacted you, or if you are responsible for updates on your own, please read the original announcement from WordPress.
After installing this update in our test environment we noticed some of our client’s plugins weren’t quite working as expected, so we recommend if you have access to a test environment to perform the updates there first to make sure everything works properly before you update your live site.
We know sometimes updates can affect sites in unexpected ways, and installing updates in a test environment before touching a live site is one of the unique things Maje Media does for all of our maintenance clients.
Whenever there is a security release from WordPress or any plugin developer, Maje Media also researches the updates to find out what is changing and why. By researching the changes we can make sure our clients are on the latest and most secure versions of WordPress core, themes, and plugins.