-
SEO Spam Campaign Exploiting WordPress REST API Vulnerability
Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there are still many WordPress websites that have not been updated. In fact, we are seeing quite a few sites that are still using versions 4.7 and 4.7.1, which are vulnerable…
-
Wordfence Blocks Username Harvesting via the New REST API in WP 4.7
WordPress 4.7 was released 6 days ago, on December 6th. It includes a REST API that will be used by many WordPress plugins, mobile apps, desktop applications, cloud services and even WordPress core in future. Every site that upgrades to WordPress 4.7 has this API enabled by default. The API is powerful and allows WordPress to move…
