WordPress Security Flaw Allows Unauthenticated Code Execution, Affecting Millions of Sites
Rapid Read

WordPress Security Flaw Allows Unauthenticated Code Execution, Affecting Millions of Sites

What's Happening? A significant security flaw in WordPress, known as wp2shell, has been identified, allowing unauthenticated attackers to execute code on WordPress sites. The flaw consists of two vulnerabilities: CVE-2026-63030, a REST API batch-route confusion, and CVE-2026-60137, a SQL injection i
AI Generated
This may include content generated using AI tools. Glance teams are making active and commercially reasonable efforts to moderate all AI generated content. Glance moderation processes are improving however our processes are carried out on a best-effort basis and may not be exhaustive in nature. Glance encourage our users to consume the content judiciously and rely on their own research for accuracy of facts. Glance maintains that all AI generated content here is for entertainment purposes only.