> TritonInfoSec News
Home / Jun 02, 2026 / Story
0
#9 The Hacker News general June 01, 2026 at 08:45 UTC

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

By [email protected] (The Hacker News)

AI Summary

CVE-2026-8732, a critical unauthenticated privilege escalation flaw in the WP Maps Pro WordPress plugin (with over 15,000 Envato Market sales), is being actively exploited to create rogue administrator accounts on vulnerable sites. The plugin allows embedding Google Maps and OpenStreetMap features, making it a widely deployed target. WordPress site owners using WP Maps Pro should update immediately and audit admin user lists for unauthorized accounts.

Read full article → https://thehackernews.com/2026/06/critical-wp-maps…

Relevance score: 76.0/100

# More from June 02

  1. 1
    Critical Windows Netlogon RCE flaw now exploited in attacks BleepingComputer
  2. 2
    Recent Palo Alto Networks Vulnerability Exploited for Weeks SecurityWeek
  3. 3
    Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm The Hacker News
  4. 4
    Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts Krebs on Security
  5. 5
    Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices The Hacker News
  6. 6
    19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access SecurityWeek
  7. 7
    OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack The Hacker News
  8. 8
    Inspector general finds NIST mistakes have made vulnerability database ineffective The Record
  9. 10
    Microsoft says it will not pursue security researchers after zero-day backlash The Record