Hackers have set a target of defacing thousands of websites using the latest WordPress REST API exploit. Within 24 hours only, more than 10,000 random websites have been hacked and defaced. The hack includes Government, Education and Personal websites being hacked.
According to The Hack Post, the exploit allows hackers to update content published on a WordPress website running with the 4.7.0 or 4.7.1 versions. The exploit is available online to the public, with videos regarding the exploit.
Zone-H cybercrime archive has recorded over 10,000 websites being hacked with the WordPress REST API exploit. This clearly shows that such large amount of websites are still running on the vulnerable version of WordPress. Although it is not known exactly on how many websites remain vulnerable to the exploit.
To avoid your websites from being hacked with this exploit, Cyber Security professionals have requested to update to the latest WordPress version 4.7.2.