Dossier
Searchlight Cyber
Coverage of Searchlight Cyber in the Nexus archive.
- New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code
A new WordPress core vulnerability named wp2shell allows unauthenticated attackers to execute arbitrary code via an anonymous HTTP request. The flaw exists in the core software, making even installations with no plugins exploitable. WordPress released updates 6.9.5 and 7.0.2 to address the issue, which previously affected all 6.9 and 7.0 versions.