Content Injection Vulnerability in WordPress
Technical details of the WordPress privilege escalation vulnerability in the REST API calls of WordPress 4.7 and 4.7.1, as discovered by our research team.
Looking WordPress plugins to use on your Business website? Our experts handpicked 24 must have WordPress plugins and tools for business websites.Read more »
For maximum security, use esc_html_e() instead of _e() (and esc_html__()/__()), to ensure any unwanted HTML snuck into a translation file is neutralised. For strings that have HTML in them, use wp_...Read more »