WP Maps Pro bug exploited to create admin accounts on WordPress sites
ID: 8903cdb1-92e1-5a4f-b78c-9b273de2d13f
STIX ID: report--8903cdb1-92e1-5a4f-b78c-9b273de2d13f
Feed Name: Bleeping Computer
Threat Score
**WP Maps Pro critical vulnerability (CVE-2026-8732) allows unauthenticated attackers to create rogue administrator accounts and generate passwordless login URLs via an exposed temporary-access AJAX endpoint; researchers observed thousands of blocked exploitation attempts and the vendor released a patched version 6.1.1—site administrators should update immediately.**
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.