A new bug has been discovered in the WordPress content management system that allows hackers to take control of websites using the platform. The vulnerability was found in the WordPress REST API, which is used to access and manipulate data on WordPress websites. The bug allows attackers to gain access to the website's backend and make changes to the site's content and settings without the website owner's knowledge or consent. The vulnerability affects all versions of WordPress prior to version 6+, and it is recommended that all website owners using these versions update their website immediately.