<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 18 Jul 2026 19:01:23 +0000</lastBuildDate>
    <item>
      <title>83499df4-e11b-4d80-9306-5286293695f6</title>
      <link>https://vulnerability.circl.lu/sighting/83499df4-e11b-4d80-9306-5286293695f6/export</link>
      <description>{"uuid": "83499df4-e11b-4d80-9306-5286293695f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/86094", "content": "\ud83c\udf10\u05e9\u05d9\u05de\u05d5 \u05dc\u05d1 \u05dc\u05e9\u05ea\u05d9 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05e4\u05dc\u05d8\u05e4\u05d5\u05e8\u05de\u05ea Wordpress \u05d4\u05de\u05d0\u05e4\u05e9\u05e8\u05d5\u05ea (\u05d9\u05d7\u05d3) \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea CVE-2026-60137 \u05d5-CVE-2026-63030 \u05db\u05d5\u05dc\u05dc\u05d5\u05ea \u05db\u05d1\u05e8 POC \u05e2\u05d5\u05d1\u05d3 \u05e9\u05e4\u05d5\u05e8\u05e1\u05dd \u05d1\u05e8\u05e9\u05ea, \u05e7\u05d9\u05d1\u05dc\u05d5 \u05d0\u05ea \u05d4\u05db\u05d9\u05e0\u05d5\u05d9 wp2shell, \u05d5\u05d4\u05df \u05e4\u05d5\u05e6'\u05e4\u05e6'\u05d5 \u05d1\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea 6.9.5 \u05d5-7.0.2.\n\nhttps://t.me/CyberSecurityIL/9229", "creation_timestamp": "2026-07-18T19:00:04.654205Z"}</description>
      <content:encoded>{"uuid": "83499df4-e11b-4d80-9306-5286293695f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/86094", "content": "\ud83c\udf10\u05e9\u05d9\u05de\u05d5 \u05dc\u05d1 \u05dc\u05e9\u05ea\u05d9 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05e4\u05dc\u05d8\u05e4\u05d5\u05e8\u05de\u05ea Wordpress \u05d4\u05de\u05d0\u05e4\u05e9\u05e8\u05d5\u05ea (\u05d9\u05d7\u05d3) \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea CVE-2026-60137 \u05d5-CVE-2026-63030 \u05db\u05d5\u05dc\u05dc\u05d5\u05ea \u05db\u05d1\u05e8 POC \u05e2\u05d5\u05d1\u05d3 \u05e9\u05e4\u05d5\u05e8\u05e1\u05dd \u05d1\u05e8\u05e9\u05ea, \u05e7\u05d9\u05d1\u05dc\u05d5 \u05d0\u05ea \u05d4\u05db\u05d9\u05e0\u05d5\u05d9 wp2shell, \u05d5\u05d4\u05df \u05e4\u05d5\u05e6'\u05e4\u05e6'\u05d5 \u05d1\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea 6.9.5 \u05d5-7.0.2.\n\nhttps://t.me/CyberSecurityIL/9229", "creation_timestamp": "2026-07-18T19:00:04.654205Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/83499df4-e11b-4d80-9306-5286293695f6/export</guid>
      <pubDate>Sat, 18 Jul 2026 19:00:04 +0000</pubDate>
    </item>
    <item>
      <title>0e4860d5-544c-4589-8741-c6d88831a109</title>
      <link>https://vulnerability.circl.lu/sighting/0e4860d5-544c-4589-8741-c6d88831a109/export</link>
      <description>{"uuid": "0e4860d5-544c-4589-8741-c6d88831a109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/393", "content": "WordPress Core \"wp2shell\" RCE\n\nThe attack consists of two flaws, tracked as CVE-2026-63030 and CVE-2026-60137, that can be chained together to achieve pre-authentication remote code execution against WordPress installs running versions 6.9.x and 7.0.x.", "creation_timestamp": "2026-07-18T19:00:04.511150Z"}</description>
      <content:encoded>{"uuid": "0e4860d5-544c-4589-8741-c6d88831a109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/393", "content": "WordPress Core \"wp2shell\" RCE\n\nThe attack consists of two flaws, tracked as CVE-2026-63030 and CVE-2026-60137, that can be chained together to achieve pre-authentication remote code execution against WordPress installs running versions 6.9.x and 7.0.x.", "creation_timestamp": "2026-07-18T19:00:04.511150Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0e4860d5-544c-4589-8741-c6d88831a109/export</guid>
      <pubDate>Sat, 18 Jul 2026 19:00:04 +0000</pubDate>
    </item>
    <item>
      <title>ec5c51f9-c246-4654-afde-0bcbfd14ca2b</title>
      <link>https://vulnerability.circl.lu/sighting/ec5c51f9-c246-4654-afde-0bcbfd14ca2b/export</link>
      <description>{"uuid": "ec5c51f9-c246-4654-afde-0bcbfd14ca2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mqwvxjrszp24", "content": "\ud83e\udd16 WordPress Core \"wp2shell\" RCE (CVE-2026-63030, CVE-2026-60137): public exploits released for critical unauthenticated RCE. Patch immediately.\n\nhttps://www.bleepingcomputer.com/news/security/wordpress-core-wp2shell-rce-flaws-get-public-exploits-patch-now/", "creation_timestamp": "2026-07-18T18:38:34.386900Z"}</description>
      <content:encoded>{"uuid": "ec5c51f9-c246-4654-afde-0bcbfd14ca2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mqwvxjrszp24", "content": "\ud83e\udd16 WordPress Core \"wp2shell\" RCE (CVE-2026-63030, CVE-2026-60137): public exploits released for critical unauthenticated RCE. Patch immediately.\n\nhttps://www.bleepingcomputer.com/news/security/wordpress-core-wp2shell-rce-flaws-get-public-exploits-patch-now/", "creation_timestamp": "2026-07-18T18:38:34.386900Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ec5c51f9-c246-4654-afde-0bcbfd14ca2b/export</guid>
      <pubDate>Sat, 18 Jul 2026 18:38:34 +0000</pubDate>
    </item>
    <item>
      <title>78d00a56-6869-4fde-8fb1-31e33ad1a3f9</title>
      <link>https://vulnerability.circl.lu/sighting/78d00a56-6869-4fde-8fb1-31e33ad1a3f9/export</link>
      <description>{"uuid": "78d00a56-6869-4fde-8fb1-31e33ad1a3f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://bsky.app/profile/modat-io.bsky.social/post/3mqwverqh222u", "content": "\u26a0\ufe0f wp2shell (CVE-2026-63030, CVSS 9.8): pre-auth RCE in WordPress core via the REST batch API (batch/v1), on by default &amp;amp; reachable unauthenticated. Works on a stock install, no plugins. Affects 6.9.0\u20136.9.4 &amp;amp; 7.0.0\u20137.0.1. Update to 6.9.5/7.0.2 now. Query: technology=\"WordPress\"", "creation_timestamp": "2026-07-18T18:28:10.732390Z"}</description>
      <content:encoded>{"uuid": "78d00a56-6869-4fde-8fb1-31e33ad1a3f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://bsky.app/profile/modat-io.bsky.social/post/3mqwverqh222u", "content": "\u26a0\ufe0f wp2shell (CVE-2026-63030, CVSS 9.8): pre-auth RCE in WordPress core via the REST batch API (batch/v1), on by default &amp;amp; reachable unauthenticated. Works on a stock install, no plugins. Affects 6.9.0\u20136.9.4 &amp;amp; 7.0.0\u20137.0.1. Update to 6.9.5/7.0.2 now. Query: technology=\"WordPress\"", "creation_timestamp": "2026-07-18T18:28:10.732390Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/78d00a56-6869-4fde-8fb1-31e33ad1a3f9/export</guid>
      <pubDate>Sat, 18 Jul 2026 18:28:10 +0000</pubDate>
    </item>
    <item>
      <title>8ffd3839-cd45-42e5-8963-7bbbe46d03e2</title>
      <link>https://vulnerability.circl.lu/sighting/8ffd3839-cd45-42e5-8963-7bbbe46d03e2/export</link>
      <description>{"uuid": "8ffd3839-cd45-42e5-8963-7bbbe46d03e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116942282990851209", "content": "WordPress Core \"wp2shell\" CRITICAL RCE chain (CVE-2026-63030 &amp;amp; CVE-2026-60137) actively exploited. Affects 6.9.0 \u2013 6.9.4 &amp;amp; 7.0.0 \u2013 7.0.1. Public PoCs out. Patch to 6.9.5/7.0.2 ASAP. Block REST API endpoints as temp mitigation. https://radar.offseq.com/threat/wordpress-core-wp2shell-rce-flaws-get-public-exploits-patch-now-99579d9a7c571599 #OffSeq #WordPress #RCE #Vuln", "creation_timestamp": "2026-07-18T18:00:29.385363Z"}</description>
      <content:encoded>{"uuid": "8ffd3839-cd45-42e5-8963-7bbbe46d03e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116942282990851209", "content": "WordPress Core \"wp2shell\" CRITICAL RCE chain (CVE-2026-63030 &amp;amp; CVE-2026-60137) actively exploited. Affects 6.9.0 \u2013 6.9.4 &amp;amp; 7.0.0 \u2013 7.0.1. Public PoCs out. Patch to 6.9.5/7.0.2 ASAP. Block REST API endpoints as temp mitigation. https://radar.offseq.com/threat/wordpress-core-wp2shell-rce-flaws-get-public-exploits-patch-now-99579d9a7c571599 #OffSeq #WordPress #RCE #Vuln", "creation_timestamp": "2026-07-18T18:00:29.385363Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8ffd3839-cd45-42e5-8963-7bbbe46d03e2/export</guid>
      <pubDate>Sat, 18 Jul 2026 18:00:29 +0000</pubDate>
    </item>
    <item>
      <title>7bc98b1a-b5c8-4f90-b934-66937aa331a8</title>
      <link>https://vulnerability.circl.lu/sighting/7bc98b1a-b5c8-4f90-b934-66937aa331a8/export</link>
      <description>{"uuid": "7bc98b1a-b5c8-4f90-b934-66937aa331a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mqwttcd5pq2a", "content": "Public exploits for WordPress Core wp2shell flaws now enable pre-auth RCE on 6.9.x and 7.0.x. Tracked as CVE-2026-63030 and CVE-2026-60137. WordPress has pushed security updates. #WordPress #RCE #CVE2026", "creation_timestamp": "2026-07-18T18:00:25.414356Z"}</description>
      <content:encoded>{"uuid": "7bc98b1a-b5c8-4f90-b934-66937aa331a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mqwttcd5pq2a", "content": "Public exploits for WordPress Core wp2shell flaws now enable pre-auth RCE on 6.9.x and 7.0.x. Tracked as CVE-2026-63030 and CVE-2026-60137. WordPress has pushed security updates. #WordPress #RCE #CVE2026", "creation_timestamp": "2026-07-18T18:00:25.414356Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7bc98b1a-b5c8-4f90-b934-66937aa331a8/export</guid>
      <pubDate>Sat, 18 Jul 2026 18:00:25 +0000</pubDate>
    </item>
    <item>
      <title>c79f977f-c5eb-496e-86c8-57b572dbd312</title>
      <link>https://vulnerability.circl.lu/sighting/c79f977f-c5eb-496e-86c8-57b572dbd312/export</link>
      <description>{"uuid": "c79f977f-c5eb-496e-86c8-57b572dbd312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/94017", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a wp2shell\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a h4cd0c\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 16:41:06\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nwp2shell \u2014 Pre-authentication RCE in WordPress Core (CVE-2026-60137 + CVE-2026-63030). Chains an SQL injection in author__not_in with batch-route confusion for unauthenticated remote code execution on WP 6.9.0\u20136.9.4 / 7.0.0\u20137.0.1.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T18:00:04.586072Z"}</description>
      <content:encoded>{"uuid": "c79f977f-c5eb-496e-86c8-57b572dbd312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/94017", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a wp2shell\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a h4cd0c\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 16:41:06\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nwp2shell \u2014 Pre-authentication RCE in WordPress Core (CVE-2026-60137 + CVE-2026-63030). Chains an SQL injection in author__not_in with batch-route confusion for unauthenticated remote code execution on WP 6.9.0\u20136.9.4 / 7.0.0\u20137.0.1.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T18:00:04.586072Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c79f977f-c5eb-496e-86c8-57b572dbd312/export</guid>
      <pubDate>Sat, 18 Jul 2026 18:00:04 +0000</pubDate>
    </item>
    <item>
      <title>eb1cdf41-c4cf-4df0-9b04-19bfe964e023</title>
      <link>https://vulnerability.circl.lu/sighting/eb1cdf41-c4cf-4df0-9b04-19bfe964e023/export</link>
      <description>{"uuid": "eb1cdf41-c4cf-4df0-9b04-19bfe964e023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116942243747321126", "content": "It is possible to see elevated activities targeting WordPress (CVE-2026-63030) https://vuldb.com/vuln/379927/cti", "creation_timestamp": "2026-07-18T17:50:30.349562Z"}</description>
      <content:encoded>{"uuid": "eb1cdf41-c4cf-4df0-9b04-19bfe964e023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116942243747321126", "content": "It is possible to see elevated activities targeting WordPress (CVE-2026-63030) https://vuldb.com/vuln/379927/cti", "creation_timestamp": "2026-07-18T17:50:30.349562Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/eb1cdf41-c4cf-4df0-9b04-19bfe964e023/export</guid>
      <pubDate>Sat, 18 Jul 2026 17:50:30 +0000</pubDate>
    </item>
    <item>
      <title>15ea1e03-2480-4f6d-a4aa-ac4428b6b7b5</title>
      <link>https://vulnerability.circl.lu/sighting/15ea1e03-2480-4f6d-a4aa-ac4428b6b7b5/export</link>
      <description>{"uuid": "15ea1e03-2480-4f6d-a4aa-ac4428b6b7b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/94004", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-63030\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a mverschu\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 14:39:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPoC Exploit of WordPress Core Unauthenticated RCE\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T17:00:05.151129Z"}</description>
      <content:encoded>{"uuid": "15ea1e03-2480-4f6d-a4aa-ac4428b6b7b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/94004", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-63030\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a mverschu\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 14:39:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPoC Exploit of WordPress Core Unauthenticated RCE\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T17:00:05.151129Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/15ea1e03-2480-4f6d-a4aa-ac4428b6b7b5/export</guid>
      <pubDate>Sat, 18 Jul 2026 17:00:05 +0000</pubDate>
    </item>
    <item>
      <title>220ac080-192e-446e-9896-c4e034ef35ed</title>
      <link>https://vulnerability.circl.lu/sighting/220ac080-192e-446e-9896-c4e034ef35ed/export</link>
      <description>{"uuid": "220ac080-192e-446e-9896-c4e034ef35ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/94005", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a wp2shell\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xsha\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 14:29:00\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-63030 + CVE-2026-60137 - \u201cwp2shell\u201d: unauthenticated RCE in WordPress core\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T17:00:05.084152Z"}</description>
      <content:encoded>{"uuid": "220ac080-192e-446e-9896-c4e034ef35ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63030", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/94005", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a wp2shell\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xsha\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 14:29:00\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-63030 + CVE-2026-60137 - \u201cwp2shell\u201d: unauthenticated RCE in WordPress core\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T17:00:05.084152Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/220ac080-192e-446e-9896-c4e034ef35ed/export</guid>
      <pubDate>Sat, 18 Jul 2026 17:00:05 +0000</pubDate>
    </item>
  </channel>
</rss>
