A critical unauthenticated privilege escalation vulnerability in WP Maps Pro, a widely used WordPress mapping plugin with over 15,000 sales on CodeCanyon, is being actively exploited by threat actors to create rogue administrator accounts. Tracked as CVE-2026-8732, the flaw carries a maximum CVSS score of 9.8 (Critical) and affects all plugin versions up to and including 6.1.0. The vulnerability […]
The post Critical WP Maps Pro Flaw Lets Attackers Create Admin Accounts appeared first on Cyber Security News.