Critical remote code execution vulnerabilities in WordPress Core, known as "wp2shell," have been publicly exploited, emphasizing the need for immediate patching by site administrators. These flaws allow attackers to execute arbitrary code on vulnerable sites, potentially leading to complete site compromise. The public release of exploit code increases the likelihood of widespread attacks, making timely updates crucial. Administrators of WordPress sites should prioritize applying the latest security patches to prevent exploitation of these vulnerabilities1. The presence of public exploits significantly raises the risk of attacks, as malicious actors can now easily obtain and utilize the exploit code. Therefore, prompt patching is essential to prevent potential site breaches and data compromise, making it a high-priority task for WordPress site administrators to update their sites without delay.