Just a few hours ago WordPress suddenly released 4.7.5 which is a security release. They mentioned about fixing six vulnerabilities. We highly recommend you to update to 4.7.5 as soon as possible. Unless you have disabled automatic updates, your site may have already been upgraded to WordPress 4.7.5. This security release is supposed to be a ‘minor’ release and WordPress by default automatically updates core minor releases.
However, there might be more than just fixing a few vulnerabilities because it went out without much pre-announcement. Due to the nature of its release, there are doubts that this release may have fixed more than the vulnerabilities that have been detailed on the WordPress blog.
In last update as well earlier this year, they delayed disclosing a vulnerability for a week. That vulnerability was the infamous WordPress defacement vulnerability which resulted in hundreds of thousands of sites being affected. We are not 100% sure at this point in time whether this release includes an additional security fix that is unannounced. But recent history indicates it is probably a good idea to update immediately.