Our teams continue to work diligently to assess the impact of the recently disclosed WordPress Core vulnerabilities and verify that appropriate mitigation measures are in place. We remain actively engaged in our investigation and are monitoring the situation for any new developments.
We will continue to closely monitor the situation and take any additional steps necessary to maintain system security and stability. If you need assistance or have any concerns, please contact our Support team.
Posted Jul 18, 2026 - 18:16 CDT
Investigating
On July 17th Wordpress.org announced two critical remote code execution (RCE) vulnerabilities commonly known as WP2Shell. These vulnerabilities exist in Wordpress Core and allow an unauthenticated request to execute arbitrary code on the target website.
Customers running the Wordpress versions below are strongly advised to upgrade to latest version shown as soon as possible:
Wordpress 6.8.x; fixed in 6.8.6 WordPress 6.9.x; fixed in 6.9.5 WordPress 7.0.x; fixed in 7.0.2 WordPress 7.1 beta, fixed in 7.1 beta2