Attackers Capitalizing on Unpatched WordPress Sites
Attackers didn’t wait long to capitalize on laggards slow in updating their WordPress sites to patch a critical content injection vulnerability addressed in WordPress 4.7.2.
The update was made public on Jan. 26 with WordPress disclosing six days later that the update also included a silent fix for an unauthenticated privilege escalation flaw in a REST API endpoint.
Tags:
Read more: Attackers Capitalizing on Unpatched WordPress Sites
Story added 7. February 2017, content source with full text you can find at link above.