On November 27, 2016, it was reported that hacker C10N3R Se7eN of the Iran Cyber Security Group had discovered a full path disclosure vulnerability in Wordpress and exploited it by defacing a U.S. Government website based in Princeton, TX. The vulnerability was found in Wordpress Twentyfourteen Theme (Default Theme) Full Path Disclosure.
Source: irancybernews.org, November 27, 2016
November 29, 2016