Critical vulnerability in WP Maps Pro (CVE-2026-8732): admin account creation

Colleagues, please note: a critical vulnerability has been discovered in the WP Maps Pro plugin.
What happened:
- CVE-2026-8732 (CVSS 9.8) allows unauthenticated attackers to create administrator accounts.
- Vulnerable versions up to and including 6.1.0; fixed in 6.1.1.
- The issue stems from the temporary access feature and improper nonce validation.
- Researcher: David Brown; Wordfence recorded mass attacks over the past 24 hours.
Why it matters: an attacker can obtain full site control.
Have you updated your sites to 6.1.1?
#cybersecurity #WordPress #vulnerabilities #infosec


Latest comments
No comments yet.