Sucuri , the company that discovered Vulnerability-related.DiscoverVulnerability the flaw and responsibly reported Vulnerability-related.DiscoverVulnerability it to the WordPress security team , spotted four distinct defacement campaigns in the 48 hours after the existence of the bug was publicly revealed Vulnerability-related.DiscoverVulnerability . Three of them have had limited impact , but one – “ signed ” by someone that goes by “ w4l3XzY3 ” – has resulted in the compromise of 86,000 pages and counting . Sucuri CTO Daniel Cid expects the defacement campaigns to slow down in the coming days , only to be followed by SEO spam ( Search Engine Poisoning ) attempts . “ There ’ s already a few exploit attempts that try to add spam images and content to a post . Due to the monetization possibilities , this will likely be the # 1 route to abuse this vulnerability , ” he noted .