“wp2shell”: Critical WordPress vulnerability allows code injection via API
Heise Security (DE)·2h·Reputable
By chaining a SQL injection vulnerability and an API vulnerability, attackers can inject code. WordPress has released an update and Finder has released a hotfix.
Categories cybersecurity · government-security · data-protection
Original source / advisory ↗Published
7/18/2026, 5:19:00 AM
Fetched
7/18/2026, 6:19:06 AM
Trust
reputable · 80/100
Language
de