Portsuppe

“wp2shell”: Critical WordPress vulnerability allows code injection via API

Heise Security (DE)·2h·Reputable

By chaining a SQL injection vulnerability and an API vulnerability, attackers can inject code. WordPress has released an update and Finder has released a hotfix.

Categories cybersecurity · government-security · data-protection
Original source / advisory
Published
7/18/2026, 5:19:00 AM
Fetched
7/18/2026, 6:19:06 AM
Trust
reputable · 80/100
Language
de