WordPress 7.0.2 went out today with two important security updates. One is a type of pre-authorization RCE we (fortunately!) have only seen a few times in WordPress’ 23-year history; the last, I believe, in the PHPMailer class five years ago. Major kudos to Adam Kues of Searchlight Cyber for finding the batch REST API RCE, […]
