<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9">
<url>
<loc>https://blog.securelayer7.net/cve-2026-63030-cve-2026-60137-wp2shell-pre-auth-rce-in-wordpress-core-via-rest-batch-route-confusion-and-sql-injection/</loc>
<news:news>
<news:publication>
<news:name>SecureLayer7</news:name>
<news:language>en</news:language>
</news:publication>
<news:publication_date>2026-07-18T14:48:00-05:00</news:publication_date>
<news:title>CVE-2026-63030 &#038; CVE-2026-60137: wp2shell Pre-Auth RCE in WordPress Core via REST Batch-Route Confusion and SQL Injection</news:title>
</news:news>
</url>
</urlset>