Skip to content
The Nexus
SECURITYJul 17 · 21:20 UTCTHE HACKER NEWS[email protected] (The Hacker News)

New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code

A new WordPress core vulnerability named wp2shell allows unauthenticated attackers to execute arbitrary code via an anonymous HTTP request. The flaw exists in the core software, making even installations with no plugins exploitable. WordPress released updates 6.9.5 and 7.0.2 to address the issue, which previously affected all 6.9 and 7.0 versions.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting