27 April 2021 at 15:01 UTC
Updated: 27 April 2021 at 15:06 UTC
Researchers provide technical details of bug that was fixed in latest security release
An XML External Entity (XXE) injection bug in WordPress could allow attackers to remotely steal a victim’s files, researchers have revealed.
Security researchers at SonarSource who discovered the vulnerability published a blog post today (April 27) that provides technical details on the now-patched bug.