WP Maps Pro bug exploited to create admin accounts on WordPress sites

Sunday, May 31, 2026 at 02:06 PM UTC·Source: BleepingComputer

Updated: Sunday, May 31, 2026 at 03:00 PM UTC

Executive Summary

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. [...]

Analysis

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. [...]

Source Attribution

Originally published by BleepingComputer on May 31, 2026.

Related Threats

MEDIUMVulnerability

YARA-X 1.17.0 Release, (Sun, May 31st)

YARA-X&&#x23;x26;&#x23;39;s 1.17.0 release brings 5 improvements (several performance improvements) and 1 bugfix.

1h agoSANS ISC

MEDIUMVulnerability

Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs

[object Object]

CVE-2025-59199

10h agor/blueteamsec

MEDIUMVulnerability

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. [...]

CVE-2026-0257

23h agoBleepingComputer