New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run C… | HappeningNow.news
Published Date: July 17, 2026

Cybersecurity · 1 views

New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code

An anonymous HTTP request can run code on a WordPress site.

Source The Hacker News AI Summary Updated 3h 11m ago
Story intelligence Beta
Freshness Fresh Updated 3h 11m ago
Confidence Limited Single-outlet story
Coverage Single outlet
Views 1 Community interest
Read time 1 min ~61 words

AI Summary

An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install with zero plugins is exploitable. Every 6.9 and 7.0 site was in range until Friday, when WordPress shipped 6.9.5 and 7.0.2 and enabled what it calls forced updates through its auto-update system. Adam Kues at Assetnote, Searchlight Cyber's attack surface manage…

Read full article on The Hackernews

AI summaries can be wrong sometimes—always verify important details using the source article.

More coverage on this topic

Wordpress29 stories
View all Wordpress coverage
SUPPORT HAPPENINGNOW · Independent AI News Intelligence
SUPPORTER MESSAGE

Enjoyed this article? Consider supporting HappeningNow to help keep independent AI-powered news analysis moving forward. Your contribution helps cover infrastructure, AI summaries, and continued platform development.

Support HappeningNow

More from Cybersecurity

Continue reading recent Cybersecurity coverage