WordPress Plugin Vulnerability Exposes 500,000+ Websites to Privilege Escalation Attacks

📅 3 June 2026 at 14:11 UTC📰 Cyber Security NewsView original source ↗

A critical security flaw in the widely used Kirki WordPress plugin has exposed over 500,000 websites to potential account takeover attacks, with researchers warning that approximately 150,000 sites are actively vulnerable due to affected versions. Tracked as CVE-2026-8206 with a CVSS score of 9.8, the vulnerability impacts Kirki plugin versions 6.0.0 through 6.0.6. The issue […] The post WordPress Plugin Vulnerability Exposes 500,000+ Websites to Privilege Escalation Attacks appeared first on Cyber Security News.

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News ↗

← Back to feed