Cybersecurity · 1 views
New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code
An anonymous HTTP request can run code on a WordPress site.
AI Summary
An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install with zero plugins is exploitable. Every 6.9 and 7.0 site was in range until Friday, when WordPress shipped 6.9.5 and 7.0.2 and enabled what it calls forced updates through its auto-update system. Adam Kues at Assetnote, Searchlight Cyber's attack surface manage…
Read full article on The HackernewsAI summaries can be wrong sometimes—always verify important details using the source article.
Enjoyed this article? Consider supporting HappeningNow to help keep independent AI-powered news analysis moving forward. Your contribution helps cover infrastructure, AI summaries, and continued platform development.
Support HappeningNowMore from Cybersecurity
Continue reading recent Cybersecurity coverage