Sucuri released today details of a new vulnerability in WordPress. Full details can be found here:

https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html

If you are running WordPress 4.7.1 then it is critical that you update immediately to 4.7.2. For older WordPress versions, if you have the REST API enabled then you also need to upgrade.

Contact Reliable Penguin at support@reliablepenguin.com if you need assistance.