SECURITYTHE HACKER NEWS
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are exploiting a critical security flaw in the WP Maps Pro WordPress plugin to create malicious administrator accounts. The plugin, which allows embedding customizable Google Maps and OpenStreetMap with location features, has over 15,000 sales on the Envato Market.
Mentioned
Related Signal
Adjacent reporting
- WP Maps Pro bug exploited to create admin accounts on WordPress sites
- Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
- Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
- Avada Builder WordPress plugin flaws allow site credential theft
- WordPress plugin suite hacked to push malware to thousands of sites
- JSON Formatter Chrome Plugin Now Closed and Injecting Adware