CRITICALVulnerability
Global

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

·Source: The Hacker News

Updated:

Executive Summary

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susceptible sites. WP Maps Pro allows site owners to embed customizable Google Maps and OpenStreetMap with markers, listings, and advanced location features on WordPress sites. It is

Analysis

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susceptible sites. WP Maps Pro allows site owners to embed customizable Google Maps and OpenStreetMap with markers, listings, and advanced location features on WordPress sites. It is
Source Attribution

Originally published by The Hacker News on Jun 1, 2026.

Related Threats

MEDIUMVulnerabilityNEW

FSB Group Gamaredon Hides Worm in Windows Data Streams

FSB-linked Gamaredon concealed a fileless worm in NTFS data streams to spy on Ukraine targets

Infosecurity Magazine
MEDIUMVulnerabilityNEW

Microsoft fixes KB5089549 Windows security update install issues

Microsoft has resolved a known issue causing installation failures and 0x800f0922 errors when deploying the May 2026 Windows 11 security update (KB5089549). [...]

BleepingComputer
MEDIUMVulnerability

Hercle appoints Gabriele Zuliani chief revenue officer

Hercle, the leading institutional cross-border payments infrastructure company, today announced the appointment of Gabriele Zuliani as Chief Revenue Officer. Zuliani joins to drive commercial strategy and revenue growth as Hercle scales its network of 200+ institutional clients, including banks, fintechs, PSPs, and corporate treasuries, across global corridors.

Finextra