
Another WordPress core exploit in the wild - parito
https://blog.sucuri.net/2017/02/wordpress-rest-api-vulnerability-abused-in-defacement-campaigns.html
======
parito
This privilege escalation vulnerability affects the WordPress REST API that
was recently added and enabled by default on WordPress 4.7.0.

So basically people who updated religiously were hit, and those who did not
were fine.

I am left wondering if running WordPress sites in read-only state (both files
and database) should be the only reasonably safe method.

A lot of people run the files with PHP ownership (so they could update via
/wp-admin, or they just don't care), which opens the site to be exploited by
any vulnerable plugin/theme.

But now it looks like even running proper permissions (NOT www-data) on files
is no longer enough, and we should consider MySQL in read-only state when no
editing is happening...

VERY SAD.