WordPress REST API Bug Could Be Used in Stored XSS Attacks

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks. Continue reading WordPress REST API Bug Could Be Used in Stored XSS Attacks

1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure

WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability. Continue reading 1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure

WordPress Silently Fixed Privilege Escalation Vulnerability in 4.72 Update

WordPress silently fixed a serious content injection vulnerability when it pushed out its latest security release, 4.7.2, last week
Continue reading WordPress Silently Fixed Privilege Escalation Vulnerability in 4.72 Update