Wordpress users read on!


#1

“Last month we released an authenticated remote code execution (RCE) vulnerability in WordPress 5.0. This blog post reveals another critical exploit chain for WordPress 5.1 that enables an unauthenticated attacker to gain remote code execution on any WordPress installation prior to version 5.1.1 …”

https://blog.ripstech.com/2019/wordpress-csrf-to-rce/


#2

Thank you. My setting “Future security updates will be applied automatically.” works but it is always worth double checking.