CSOonline

WordPress 0-day content injection vulnerability

Today news broke of a particularly nasty zero day vulnerability in the WordPress REST API. The vulnerability in this case would allow for content injection as well as privilege escalation. This ...
Infosecurity Magazine

SQL Injection Flaw Affects 40,000 WordPress Sites

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries.
PC World

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...
Threat Post

1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure

WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability. Attackers have taken a liking to a content-injection ...
Computerworld

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...