PSA: WordPress Core Patched Unauthenticated Remote Code Execution Vulnerability Chain 

SecurityVendor

On July 17, 2026, the WordPress Security Team released updates to WordPress core addressing two security vulnerabilities. The first is an unauthenticated SQL injection vulnerability identified as CVE-2026-60137, while the second can be chained with the SQL injection to increase its impact to unauthenticated remote code execution and is identified as CVE-2026-63030. To protect WordPress …Read More
The post PSA: WordPress Core Patched Unauthenticated Remote Code Execution Vulnerability Chain appeared first on Wordfence.WordfenceRead More