Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

By [email protected] (Mohit Kumar) Last week we received a tip about an unpatched vulnerability in the WordPress core, which could allow a low-privileged user to hijack the whole site and execute arbitrary code on the server.

Discovered by researchers at RIPS Technologies GmbH, the “authenticated arbitrary file deletion” vulnerability was reported 7 months ago to the WordPress security team but remains unpatched and affects all

Via:: Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site