Still increasing. Do updating you WordPress ASAP. I read some articles and also got an email about this from my ISP. So I’m writing this.
I talked about this with くりくりさん on Twitter. I first mentioned it on February 6. It was because of my finding a 徳丸’s post, “WordPress 4.7.1 の権限昇格脆弱性について検証した”.
Yesterday, Security Next told us some IP addresses about attackers. I checked up on my log last night. I found an access from one of questionable IP addresses, which was on February 6. It caused 500 error on my server. Maybe because my WordPress was already version 4.7.2 at this point.
Its user-agent is python-requests/2.11.1 and its destination is /wp-json/wp/v2/posts/.
WordPress 4.7.2 was released more than a week ago, and WordPress has an auto-update feature enabled by default, along with an easy manual update process. Despite this, this situation. It’s indeed disappointing.