- WordPress version 3.6.1 has fixed a number of security vulnerabilities, including one that could lead to remote code execution on vulnerable installations. Older versions of WordPress perform unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution.
- Update to WordPress version 3.6.1 or newer.
- WordPress 3.8.2 security release
- WordPress Plugin NextGEN Gallery-WordPress Gallery Remote Code Execution (2.1.59)
- WordPress Plugin WP-Filebase Download Manager Remote Code Execution (0.3.0.03)
- Remote code execution vulnerability in WordPress Duplicator
- WordPress Plugin WooCommerce Possible Remote Code Execution (3.5.0)