VulnerabilityBleeping Computer
9.8 — CRITICAL
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. [...]
🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview
A critical vulnerability in WP Maps Pro plugin (CVE-2026-8732) allows attackers to create rogue administrator accounts on WordPress sites, granting them full control over the website. This exploit has already been observed and malicious activity reported.
⚙️Technical Details
💥Impact Assessment
Severity: Critical
🛡️Recommended Actions
1Update WP Maps Pro plugin to version 6.1.1 or higher
2Disable temporary access feature in WP Maps Pro plugin
3Monitor website activity for suspicious login attempts
📦Affected Products
Product Name: WP Maps Pro pluginVersion Range: 6.1.0 and older
🔐NVD Verified DataVERIFIED
CVE-2026-8732 ↗CVSS 9.8 — CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWeaknesses
CWE-306
Read the full article
This is a curated summary. The complete article is available at Bleeping Computer.