Tag: xml-rpc

All the articles with the tag "xml-rpc".

[CVE-2025-54352] WordPress XML-RPC Pingback Leaks Titles of Private and Draft Posts

21 Jul, 2025

A flaw in the longstanding pingback feature exposes the titles of unpublished WordPress content to the internet. An attacker needs nothing more than access to xmlrpc.php to enumerate every confidential headline.

[CVE-2025-54352] WordPress XML-RPC Pingback Leaks Titles of Private and Draft Posts