@andrewfeeney It feels over-hyped, as PHP security issues often are. 😔
I'm 50/50 on it being an interesting academic vulnerability that affects a very specific configuration and some specific apps, vs it affecting apps like WordPress that try to do magic language handling.