CVE-2026-63030 is a critical vulnerability in WordPress Core affecting versions 6.9.0 through 6.9.4 and 7.0.0 through 7.0.1. The flaw is rooted in route confusion, described as route and validation desynchronization, in the REST API batch request handling. A validated sub-request can be dispatched to an unintended callback, enabling bypass of the allow_batch restriction and the target route's normal input sanitization. On its own, the issue is significant because it allows attacker-controlled input to reach unintended code paths through the batch endpoint. In documented exploitation scenarios, it is chained with CVE-2026-60137, an unauthenticated SQL injection in WP_Query involving the author__not_in parameter, to achieve unauthenticated remote code execution. The vulnerable path is reported to be reachable on default installations when persistent object cache is not in use.
Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
What an attacker gets, and what they’ve been doing with it.
If you can’t patch tonight, do this now.
Patch, then assume compromise.
2 valid exploits after Mallory filtered fakes, detection scripts, and README-only repos (2 hidden).
This repository is a standalone Python proof-of-concept named `wp2shell-poc` for exploiting an unauthenticated WordPress REST batch route-confusion vulnerability that exposes a pre-auth blind SQL injection path. It is not tied to a major exploit framework. The repository is compact: a launcher (`wp2shell.py`), package entrypoints (`wp2shell/__main__.py`, `__init__.py`), a CLI (`wp2shell/cli.py`), HTTP/payload builder (`wp2shell/client.py`), blind SQLi engine (`wp2shell/sqli.py`), passive version/marker fingerprinting (`wp2shell/version.py`), and a post-authenticated webshell uploader/executor (`wp2shell/shell.py`). Core exploit logic: `BatchClient` constructs nested JSON requests to the WordPress batch REST endpoint. It uses a malformed sub-request path `///` as a desynchronization primer so validation and matched-handler arrays fall out of alignment. This allows a request validated as one route to be dispatched under another route's handler. The exploit chains this twice: first to bypass batch schema/method restrictions, then to dispatch a `/wp/v2/users` request carrying `author_exclude` under the posts `get_items()` handler, where the value reaches `WP_Query author__not_in`. `BlindSQLi` then uses this sink for boolean and time-based blind SQL injection with payloads like `0) OR SLEEP(3)-- -` and `0) AND (<condition>)-- -`, enabling timing confirmation and character-by-character extraction of arbitrary SQL expression results. Capabilities: the `check` command performs passive WordPress fingerprinting, version hint collection, a benign marker probe for route confusion, and optional active timing confirmation of SQLi. The `read` command performs blind extraction of database values, including presets for server fingerprinting and WordPress user/password hash recovery. The `shell` command is explicitly post-auth only: it logs into `/wp-login.php` with valid admin credentials, uploads a ZIP plugin through the WordPress admin plugin upload workflow, and deploys a randomized PHP webshell gated by a per-run token. That webshell executes arbitrary OS commands via `shell_exec` and returns output delimited by `WP2SHELL::...::END`. Overall, this is a real exploit repository, not just a detector. However, the unauthenticated portion stops at SQLi/database read; the repository does not implement a pre-auth RCE jump. RCE is only provided through the optional authenticated helper once administrator credentials are available.
This repository is a standalone Python proof-of-concept exploit for CVE-2026-63030, described as an unauthenticated WordPress core REST batch route-confusion vulnerability that leads to blind SQL injection and can be chained to RCE. The repo is small and purpose-built: a thin launcher (wp2shell.py), package metadata (pyproject.toml), and a Python package with four main modules: cli.py for command parsing and operator workflow, client.py for HTTP transport and construction of the nested batch desynchronization payloads, sqli.py for time-based and boolean-based blind SQLi extraction, and shell.py for optional authenticated post-exploitation via plugin upload. The main exploit capability is pre-authenticated SQL injection through a single target-facing endpoint: POST to /wp-json/batch/v1 or its alternate /?rest_route=/batch/v1 form. The exploit crafts nested batch requests and uses a malformed path primer ('///') to desynchronize validation and route matching. This causes a GET /wp/v2/users request containing author_exclude attacker input to be dispatched under posts get_items(), where the value reaches a vulnerable WP_Query author__not_in SQL context. The SQLi implementation supports a safe 'check' mode using differential SLEEP timing, and a 'read' mode that performs blind extraction one character at a time using ASCII/SUBSTRING predicates. Built-in presets fingerprint the DBMS and extract WordPress user IDs, logins, and password hashes from the users table. The repository also contains an optional post-exploitation stage. If the operator already has valid administrator plaintext credentials (for example after cracking a recovered hash offline), shell.py logs into /wp-login.php, retrieves a nonce from /wp-admin/plugin-install.php?tab=upload, uploads a ZIP plugin to /wp-admin/update.php?action=upload-plugin, and exposes a randomized PHP webshell under /wp-content/plugins/<slug>/<slug>.php. The webshell is token-gated via GET parameter 't' and executes commands from GET parameter 'c' using shell_exec(). cli.py supports both one-shot command execution and an interactive pseudo-shell. Overall, this is a real exploit rather than a detector-only script. It is not framework-based, uses only Python standard library modules, and is best classified as OPERATIONAL: it includes working exploitation logic and a basic hardcoded payload path for command execution, but not the broader modularity of a weaponized framework.
25 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
A critical pre-authentication remote code execution chain in WordPress that abuses the unauthenticated REST batch endpoint and route confusion to bypass restrictions, leverage SQL injection, and potentially progress to full site compromise.
A critical unauthenticated remote code execution vulnerability in WordPress core caused by REST API batch request route/validation desynchronization, allowing a validated sub-request to be dispatched to an unintended callback and chained with SQL injection.
A critical unauthenticated remote code execution vulnerability in WordPress REST API batch endpoint affecting WordPress 6.9 and later when a persistent object cache is not in use.
A critical unauthenticated remote code execution vulnerability in WordPress Core reachable via the WordPress REST API batch endpoint, potentially allowing complete compromise of affected websites and underlying data.
Query your assets running an affected version, and investigate the blast radius.
Every observed campaign linking this CVE to a named adversary.
Malware families riding this exploit, with evidence and IOCs.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Cross-references every affected SKU, including bundled OEM variants.
Community discussion across Reddit, Mastodon, and other social sources.