WP Maps Pro bug exploited to create admin accounts on WordPress sites
Summary
A critical vulnerability in the WP Maps Pro plugin for WordPress is being actively exploited by hackers. The flaw allows unauthenticated attackers to create new administrator accounts on vulnerable websites. This could lead to full site compromise and malicious activity.
IFF Assessment
This vulnerability allows attackers to gain administrative access to WordPress sites, which is a significant threat to website security and data integrity.
Severity
The vulnerability allows for unauthorized creation of administrator accounts without any authentication, granting attackers full control over the website. This high severity is due to the critical impact on integrity and availability, and the ease of exploitability.
Defender Context
Website administrators should immediately update the WP Maps Pro plugin to the latest version to patch this vulnerability. Attackers can easily gain full control of sites by creating admin accounts, so prompt patching is crucial to prevent unauthorized access and potential data breaches.