On the 1st of February 2017 a security vulnerabitity that allows a visitor to modify the content of a WordPress page has been dicovered.
How it works ?
An unauthenticated user can get additional rights by exploiting a vulnerability in the REST API and doing so is able to modify the content of any page of the vulnerable WordPress site.
Am i concerned ?
The REST API has been added in WordPress 4.7.0