okay so real talk about this WordPress vulnerability
- they either need to have an account on your WordPress install
OR
- chain another WP exploit to gain an account
SO, first things first, make sure your WordPress core install is at the latest version available, along with all plugins. This rules out any old vulns from being chain-exploited.
Second thing, ensure you have proper backups of your site and its database & ensure you can restore from them.
another thing that just came to mind:
If you have a WordPress install with multiple accounts, audit all of them and delete any that are not needed anymore.
Might also be a good idea to reset the password of all active/in-use accounts as a precaution.
BTW, the WordPress vulnerability I am talking about is this one:
https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
Post has a temporary patch but I am hesitant to recommend that anyone hot-patch WordPress core files unless they are a high-value target and have PHP developers who can troubleshoot issues arising from that fix. The authors of that post are of the same opinion.
user input sanitization vulnerabilities gonna stay fucking us forever though eh
like legit we are gonna be taking down Skynet in the year 2100 with a user input sanitization vulnerability
a reminder for WordPress administrators with CLI access:
wp-cli
https://wp-cli.org/
if you need to automate mass updating plugins/themes/core WP, this is the tool you want
it can also do things like change/reset passwords for users etc.
it is very powerful, give its docs a read
@bhtooefr yep, you could do that with wp-cli pretty easily
@staticsafe Oh shit, I think *THIS* is what I've been looking for?
I've always been *REALLY* uneasy about the whole WordPress automatic updating model running as the PHP user, but I didn't want to do it manually because I don't want to babysit updates.
This thing I could just shove in a cronjob running as a privileged user, and then harden the privileges for WP...