https://pagely.com/blog/unauthenticated-site-options-update-vulnerabilities/2019 is coming to an end. Over the last year Pagely’s security team noticed a trend in WordPress related attacks targeting unauthenticated changes to a WordPress website’s options...
Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote...