WP Maps Pro WordPress flaw exploited to create admin accounts
3 Articles
3 Articles
WP Maps Pro WordPress flaw exploited to create admin accounts
A critical vulnerability in WP Maps Pro, a commercial WordPress plugin with more than 15,000 sales on the Envato Market, is being actively exploited by attackers to create malicious administrator accounts on vulnerable sites. The flaw, tracked as CVE-2026-8732 with a CVSS score of 9.8, allows unauthenticated users to gain full administrative control of any WordPress installation […] This story continues at The Next Web
A vulnerability in WP Maps Pro was exploited, leading to a change of control of the WordPress website.
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susceptible sites. WP Maps Pro allows site owners to embed customizable Google Maps and OpenStreetMap with markers, listings, and advanced location features on WordPress sites. It is
Coverage Details
Bias Distribution
- 100% of the sources lean Left
Factuality
To view factuality data please Upgrade to Premium