VMTech
+381 11 4183 54024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Colleagues, note a critical WordPress core vulnerability: an anonymous request can lead to RCE

Colleagues, note a critical WordPress core vulnerability: an anonymous request can lead to RCE

Colleagues, I’d like to flag a cybersecurity development.

I’ve identified a critical flaw in WordPress core: an anonymous HTTP request may lead to code execution on a site without authentication.

The vulnerability affects clean installations with no plugins.
WordPress has already released fixes: 6.9.5 and 7.0.2.
Until patching, I would review the instance and temporarily restrict access to /wp-json/batch/v1 and rest_route=/batch/v1.

Why this matters: the attack requires no preconditions, which makes the risk especially high for public-facing sites.

Have you already updated WordPress?
#cybersecurity #WordPress #vulnerability #patchmanagement

Current metrics
0Views
0Reach
0Likes
0Comments
0Saved
0Shares

Latest comments

No comments yet.

Instagram

Colleagues, note a critical WordPress core vulnerability: an anonymous request can lead to RCE

Open the post on Instagram ↗