Critical WordPress Core Flaws Allow Unauthenticated Code Execution On Vulnerable Sites
Newly disclosed WordPress core vulnerabilities tracked as CVE 2026 63030 and CVE 2026 60137 could allow unauthenticated code execution on vulnerable websites. WordPress has released security updates and enabled forced updates for affected versions.