Exploit for CVE-2026-8732

CVE-2026-8732 — WP Maps Pro ≤ 6.1.0 ♡ Unauthenticated Privil...

WordPress plugin WP Maps Pro 访问控制错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

VulnCheck KEV: CVE-2026-8732

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmptempaccessajax AJAX action being registered with wpajaxnopriv and protected only by a nonce check using the...

15,000 WordPress Sites Affected by Administrator Account Creation Vulnerability in WP Maps Pro WordPress Plugin

On March 24th, 2026, we received a submission for an Unauthenticated Administrator Account Creation vulnerability in WP Maps Pro, a WordPress plugin with more than 15,000 sales. This vulnerability makes it possible for unauthenticated attackers to create new administrator accounts on the affected...