Threat Post

20K WordPress Sites Exposed by Insecure Plugin REST-API

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...
Bleeping Computer

WordPress REST API Flaw Used to Install Backdoors

Attackers have found a way to escalate the benign WordPress REST API flaw and use it to gain full access to a victim's server by installing a hidden backdoor. On January 26, the WordPress team ...
The Next Web

WordPress adds post embedding and REST API integration to its latest version

WordPress, the wildly popular CMS that powers 25 percent of all of the planet’s websites, has received an update with a raft of new features, including the ability to share entire posts on other sites ...