4 min read
WordPress Core CVE-2026-63030: patch 7.0.1 and older branches now
Critical unauthenticated RCE (wp2shell) hits WordPress 7.0.0–7.0.1 and 6.9.0–6.9.4. What the CVEs mean, which versions are fixed, and what SMBs should do today.
4 articles
Critical unauthenticated RCE (wp2shell) hits WordPress 7.0.0–7.0.1 and 6.9.0–6.9.4. What the CVEs mean, which versions are fixed, and what SMBs should do today.
You cannot patch what you forgot existed. A quick method to find shadow WordPress and forgotten subdomains.
How small business sites get owned, and a maintenance rhythm that prevents most of it.
A practical shortlist of WordPress plugins for security, Google insights, SEO, legal pages, and caching: what each one does and when Premium is worth it.