Google has recently started sending out email alerts to site owners through the Google search console about outdated WordPress CMS notices. However before being alarmed, know that all the ones we have seen have been false, quoting the site as running 4.7.0 or 4.7.1 when in reality they are running 4.7.2 (latest as of this post date). So likely you can ignore the Google search console WordPress update alert, but it doesn’t hurt to double check and make sure you are updated.
Some commenters at SERoundTable are also reporting them to be false fairly consistently, which makes us think they aren’t using the generator meta tag to detect which version of WordPress you are running, or are seeing a cached version of the site.
Moz also recently made a post questioning the reliability of Google Search Console, which is worth a read.
If you do get one, be sure to check your updates on your site because outdated software is the #1 reason sites get hacked or have to deal with malware.
If you want more information, see the forum discussion at Google Webmaster Help.
The emails read like this:
Recommended WordPress update available for http://www.yoursite.com/
To: Webmaster of http://www.yoursite.com/,
Google has detected that your site is currently running WordPress 4.7.0 or 4.7.1, an older version of WordPress. Outdated or unpatched software can be vulnerable to hacking and malware exploits that harm potential visitors to your site. Therefore, we suggest you update the software on your site as soon as possible.
Following are one or more example URLs where we found pages that have outdated software. The list is not exhaustive.
1. Update to the latest release of WordPress
Visit the WordPress site for instructions on how to download and install the latest release.
2. Check your site for hacked content
Because there was a vulnerability on your site, it’s possible that your site might have been compromised. We recommend you check your site for any suspicious activity. You can see if Google has detected any hacked content on your site in the Security Issues section of Search Console.
3. Stay up to date on new releases
Remember that older or unpatched software might be vulnerable to hacking or malware, so it’s important to install new software releases when they come out.
Need more help?
• Read more about outdated software and vulnerabilities in our Help Center.
• Check your site for hacked content using the Hacked Sites Troubleshooter.
• If your site was compromised, read our guide for hacked sites.
• Ask questions in our forum for more help – mention message type [WNC-641200].
Did you receive a Google Search Console WordPress Update alert and not know what to do? or need help making sure your WordPress site is up to date and secure? We can take care of that for you with WordPress support and maintenance plans starting at $89/month.