FRIDAY, JULY 17, 2026 48° E  /  GLOBAL TECH · SUMMARISED SUBSCRIBE
AI, business, devices, policy — global tech, summarised every 30 minutes.
Security · 1h ago

Critical WordPress Core Bug Allows Unauthenticated Remote Code Execution

By Meridian48 News Desk · Summarised from The Hacker News ·

A critical flaw in WordPress core, tracked as wp2shell, lets unauthenticated attackers execute arbitrary code via HTTP requests. The bug affects all WordPress 6.9 and 7.0 sites, even with no plugins installed. WordPress released emergency patches 6.9.5 and 7.0.2 on Friday, with forced auto-updates enabled to protect vulnerable sites.

Meridian48 take
The forced-update mechanism is a rare and aggressive move by WordPress, underscoring the severity of a bug that could be weaponized at scale.
Read the full reporting
New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code →
The Hacker News
wordpressremote-code-execution
More security briefs
Go deeper on security
AllAIStartupsBusinessDevicesPolicySecurityDev ToolsPakistan