News CVE-2026-8206: Password reset flaw in Kirki plugin could enable account takeover June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment CVE-2026-8206 affects Kirki 6.0.0–6.0.6, allowing password reset emails to be sent to attacker-controlled addresses. Update from the WordPress directory now. Read more » Account Takeover CVE-2026-8206 Kirki Plugin security Privilege escalation vulnerability wordpress
News CVE-2026-8732: WP Maps Pro flaw enables unauthenticated admin account creation June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment CVE-2026-8732 in WP Maps Pro allows unauthenticated creation of administrator accounts on WordPress sites. Update to the patched release and verify there are no unexpected admin users. Read more » CVE-2026-8732 Plugin vulnerability Privilege escalation Site takeover Wordfence WordPress security WP Maps Pro
News CVE-2026-43500: Linux rxrpc shared‑fragment bug tied to “Dirty Frag” page‑cache writes May 14, 2026 / May 14, 2026 by Alex Mira | Leave a Comment CVE-2026-43500 fixes a Linux rxrpc flaw in how shared packet fragments are handled. It’s linked to the “Dirty Frag” chain enabling page‑cache writes and local root. Update kernels promptly. Read more » CVE-2026-43500 Dirty Frag Linux kernel Privilege escalation rxrpc Security updates vulnerability
