WordPress 5.1–critical exploit chain that enables an unauthenticated attacker to gain remote code execution on any WordPress installation:
– exploit is possible due to a CSRF vulnerability in comment forms
– fixed in WordPress 5.1.1
@infosechandbook Seems like vulnpress at this point
mastodon.at is a microblogging site that federates with most instances on the Fediverse.