News Critical auth bypass in Burst Statistics plugin puts 200,000 WordPress sites at risk June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment A critical auth bypass in the Burst Statistics WordPress plugin (CVE-2026-8181) could let attackers impersonate admins via the REST API. A patch is available; update now. A separate low-severity bypass in Advanced Access Manager (CVE-2026-42674) is fixed in 7.1.1. Read more » Advanced Access Manager Authentication bypass Burst Statistics CVE-2026-8181 Patch management Vulnerabilities WordPress security
News CVE-2026-8732: WP Maps Pro flaw enables unauthenticated admin account creation June 2, 2026 / June 2, 2026 by Alex Mira | Leave a Comment CVE-2026-8732 in WP Maps Pro allows unauthenticated creation of administrator accounts on WordPress sites. Update to the patched release and verify there are no unexpected admin users. Read more » CVE-2026-8732 Plugin vulnerability Privilege escalation Site takeover Wordfence WordPress security WP Maps Pro
