A newly disclosed vulnerability chain dubbed wp2shell affects WordPress Core, not a third-party plugin. The disclosure has prompted emergency security updates and includes publicly available PoC, IoCs, and detection guidance for defenders

  • Björn@swg-empire.de
    link
    fedilink
    English
    arrow-up
    13
    ·
    18 hours ago

    For all its flaws and spaghetti code vulnerabilities in WP core have been really really rare. It’s usually some plugin that’s vulnerable. And automatic updates take care of timely patches.