Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Beware! A threat actor could steal the titles of your private (and draft) WordPress posts!
Malware and Vulnerabilities
May 19, 2025
Imperva
A newly discovered vulnerability in WordPress allows attackers to exfiltrate titles of private and draft posts via the XMLRPC pingback feature. This flaw affects all WordPress installations with XMLRPC enabled.
Read More
Wordpress Vulnerability
XMLRPC Exploit
Pingback Abuse
Private Post Leak
Draft Post Exposure
Publisher
Previous
How the Signal Knockoff App TeleMessage Got Hacked in 2 ...
Breaches and Incidents
Next
New 'Defendnot' tool tricks Windows into disabling Micr ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/a332_shutterstock_1808130931.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/7c2e_shutterstock_1995125864.jpeg)
