New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code
WordPress 6.9.5 and 7.0.2 patch wp2shell, a pre-auth core RCE that lets anonymous attackers run code on default installs, even with no plugins.
More info
