Content Injection Vulnerability in WordPress

Technical details of the WordPress privilege escalation vulnerability in the REST API calls of WordPress 4.7 and 4.7.1, as discovered by our research team.


Find hidden pages on WordPress sites

In December WordPress 4.7 was released. The most cool part of this release was the inclusion of the WordPress REST API. In development for quite some time it was finally included in core. The WordPress REST API is great for developers because it makes it ...

Read more »