Portsuppe

Critical Kirki flaw exploited to hijack WordPress admin accounts

BleepingComputer·43d·Media

Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. [...]

Categories cybersecurity · government-security · data-protection
Original source / advisory
Published
6/2/2026, 10:12:57 PM
Fetched
6/4/2026, 12:19:37 PM
Trust
media · 60/100
Language
en