SEO Spam Campaign Exploiting WordPress REST API Vulnerability

SEO Spam Campaign Exploiting WordPress REST API Vulnerability

Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there are still many WordPress websites that have not been updated. In fact, we are seeing quite a few sites that are still using versions 4.7 and 4.7.1, which are vulnerable to the WordPress REST API vulnerability patched in early February  (version 4.7.2). This more serious vulnerability allows attackers to create, delete, and modify posts on vulnerable websites without authorization.

Continue reading SEO Spam Campaign Exploiting WordPress REST API Vulnerability at Sucuri Blog.

Read more: SEO Spam Campaign Exploiting WordPress REST API Vulnerability

Story added 15. March 2017, content source with full text you can find at link above.