Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerability that let remote unauthorized hackers modify the content of any post or page within a WordPress site. The nasty bug resides in Wordpress REST API that would lead to the creation of two new vulnerabilities: Remote privilege escalation and Content injection

from The Hacker News http://ift.tt/2kk4wJB
via IFTTT