The security vulnerabilities are both arbitrary file deletion issues that could expose WordPress sites to risk. The first issue was publicly reported on June 26, by researchers at RIPS Tech, while the second was discovered by WordPress security firm WordFence on July 2. In addition to the two vulnerabilities, WordPress 4.9.7 provides fixes for 17 other bugs to help improve stability.