URL has been copied successfully!
Critical Kirki flaw exploited to hijack WordPress admin accounts
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Critical Kirki flaw exploited to hijack WordPress admin accounts


Tags: , , , ,

Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators.

First seen on bleepingcomputer.com

Jump to article: www.bleepingcomputer.com/news/security/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
  2. Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild
  3. Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws
  4. Hackers exploit critical auth bypass flaw in JobMonster WordPress theme