WordPress 4.9.7 is a security and maintenance release available now and should be applied immediately.
This update addresses a security issue that affects all WordPress versions since 3.7 which potentially allows users (with certain capabilities defined) to delete files outside of the uploads directory. This update also fixes 17 other known bugs.
You can read more by looking at the release notes: https://codex.wordpress.org/Version_4.9.7
If you have not done so already – download the update or simply use your existing installation of WordPress to update your site. Either way – this is an excellent time to make a backup copy of your site(s) before upgrading.