Hacking 27% of the Web via WordPress Auto-Update

At Wordfence, we continually look for security vulnerabilities in the third party plugins and themes that are widely used by the WordPress community. In addition to this research, we regularly examine WordPress core and the related wordpress.org systems. …

Similar

Hacking WordPress 4.7.0 – step-by-step

The guys from sucuri have recently published a blog post with details of a WordPress vulnerability which allows an unauthenticated attacker to easily edit any blog post of their liking by abusing a bug in the WordPress REST API. I am not going to write ab...

Read more »