Summary Points
- Threat actors are actively exploiting a privilege escalation flaw in WP Maps Pro (CVE-2026-8732) to create malicious admin accounts and hijack WordPress sites.
- The vulnerability allows unauthenticated attackers to fully compromise a site by triggering a process that unconditionally creates admin users via an insecure temporary access feature.
- Over 2,800 attacks targeting this flaw have been blocked in the past 24 hours, highlighting the critical need for site owners to update to the patched version 6.1.1 immediately.
Threat, Attack Techniques, and Targets
Threat actors are actively exploiting a critical security flaw in WP Maps Pro, a popular WordPress plugin. The plugin has over 15,000 sales on the Envato Market. The flaw allows attackers to create admin accounts without permission. They can log in as an administrator and take control of the entire website. The vulnerability is identified as CVE-2026-8732 and has a high severity score of 9.8.
Attackers use a flaw in a “temporary access” feature meant for support staff. The feature was intended to be safe but is not: it lets anyone invoke certain functions without proper authentication or capability checks. These functions let attackers create a new admin user and generate a magic login URL. When someone visits this URL, the attacker immediately gets full admin rights.
The flaw affects all versions of WP Maps Pro up to 6.1.0. A patch was released in version 6.1.1, so sites still running earlier versions remain at risk. The attack technique involves invoking the feature's AJAX function to bypass security and gain unauthorized access.
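As an added illustration (not code from WP Maps Pro or its vendor), this is how a temporary support-access AJAX handler must be gated so that it cannot become the unauthenticated admin-creation path described above; the hook, nonce, meta key and function names are hypothetical, and the cleanup hook is assumed to be scheduled elsewhere via WP-Cron.

```php
<?php
/**
 * Added example, not WP Maps Pro code: a "temporary support access" handler
 * written with the checks the vulnerable feature lacked. All names are
 * hypothetical placeholders.
 */

// Register ONLY the authenticated hook. Never hook a privileged action on
// wp_ajax_nopriv_*, which WordPress runs for anonymous visitors.
add_action( 'wp_ajax_example_grant_support_access', 'example_grant_support_access' );

function example_grant_support_access() {
    // 1. Nonce: the request must originate from a page this site issued.
    check_ajax_referer( 'example_support_access', 'nonce' );

    // 2. Capability: only an existing administrator may create another one.
    if ( ! current_user_can( 'create_users' ) || ! current_user_can( 'promote_users' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    // 3. Unguessable credentials plus an expiry marker for automatic removal.
    $login    = 'support_' . wp_generate_password( 8, false );
    $password = wp_generate_password( 32, true );
    $user_id  = wp_insert_user( array(
        'user_login' => $login,
        'user_pass'  => $password,
        'role'       => 'administrator',
    ) );
    if ( is_wp_error( $user_id ) ) {
        wp_send_json_error( $user_id->get_error_message(), 500 );
    }
    update_user_meta( $user_id, 'example_support_expires', time() + DAY_IN_SECONDS );

    // 4. No "magic login URL": the administrator who granted access sees the
    //    one-time credentials here and hands them to support out of band.
    wp_send_json_success( array( 'login' => $login, 'password' => $password ) );
}

// Cleanup (assumed scheduled daily): delete support accounts past their expiry.
add_action( 'example_support_cleanup', function () {
    require_once ABSPATH . 'wp-admin/includes/user.php';
    $users = get_users( array( 'meta_key' => 'example_support_expires', 'meta_compare' => 'EXISTS' ) );
    foreach ( $users as $u ) {
        if ( (int) get_user_meta( $u->ID, 'example_support_expires', true ) < time() ) {
            wp_delete_user( $u->ID );
        }
    }
} );
```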
Impact, Security Implications, and Remediation Guidance
The impact of this flaw is significant. Attackers can fully control affected websites. They can add malicious admin users, steal data, and modify site content. This creates a major security risk for website owners.
The security implication is that the flaw allows for complete site compromise. Because of the active exploitation, site owners must act quickly. According to reports, over 2,800 attacks have been blocked in just one day.
For remediation, site owners should update the plugin to version 6.1.1 or later. If an update is not available, they should consult the plugin vendor or relevant security authority for further guidance. It is essential to patch vulnerable sites to prevent attacks and protect data.
