Two new high severity WordPress vulnerabilities, patch immediately!

The 7.0.2 WordPress security release addresses one critical and one high severity security issue. The vulnerabilities reported to the WordPress security team include: CVE-2026-60137 – A facilitated SQL injection issue reported as a team by TF1T, dtro, and haongo CVE-2026-60137 – A REST API batch-route confusion and SQL injection issue leading to Remote Code Execution reported by Adam Kues at Assetnote / Searchlight Cyber Which versions of WordPress are vulnerable? WordPress 6.9 is affected by … More

The post Two new high severity WordPress vulnerabilities, patch immediately! appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article: