Saturday, July 18, 2026
updated hourly · four languages, one press

php-net.pro · the dev news broadsheet

The Dev Dispatch

PHP · Security

Critical Pre-Auth RCE Flaw Found in WordPress Core, Dubbed "wp2shell"

Security researcher Adam Kues of Searchlight Cyber disclosed a critical pre-authentication remote code execution vulnerability in WordPress core, named wp2shell, in July 2026. The flaw could let attackers compromise sites without valid credentials, putting the more than 500 million WordPress-powered websites at risk until patched or mitigated.

Read the original source ↗

AI-generated summary (Sönke)

← back to the front page