Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core

TL;DR: A critical pre-authentication Remote Code Execution (RCE) vulnerability, dubbed “wp2shell” (CVE-2026-63030), has been identified in WordPress Core. This vulnerability allows an unauthenticated attacker to execute arbitrary code on a vulnerable WordPress installation without any preconditions, such as plugins or specific configurations. Given that WordPress powers over 500 million websites, this vulnerability poses a significant risk to the global web ecosystem.  […]

The post Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core appeared first on Blog.

This article has been indexed from Blog

Read the original article: