How the Exploit Works
A critical security vulnerability has been discovered in WP Maps Pro, a WordPress plugin with over 15,000 sales. The flaw allows unauthenticated attackers to create administrator accounts on affected websites, giving them full control. The issue stems from a “temporary access” feature intended to let support staff log into customer sites for troubleshooting.
The affected function can be invoked without any authentication check. Its only protection is a WordPress nonce, and because that nonce is embedded in every frontend page of the site, anyone can read it, so it provides no security barrier at all. An attacker can therefore create a new user with administrator privileges and receive a magic login link that fully authenticates them as that user.
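The root cause described above is a handler whose only gate is a nonce. A nonce is a CSRF token: it ties a request to a session, but it is not a secret and not an authorization check, and one printed into public HTML proves nothing. The following is an added example of the safe shape of such a handler, written for this page and not taken from WP Maps Pro or its fix; every name prefixed with `example_` is assumed, and the WordPress functions used (`check_ajax_referer`, `current_user_can`, `wp_insert_user`, `wp_send_json_error`) are the standard core API.

```php
<?php
// Added example, not WP Maps Pro code: the generic shape of an admin-ajax
// handler for a privileged "support access" action. All "example_" names are
// assumptions for illustration.

// Registering only the "wp_ajax_" hook (and NOT "wp_ajax_nopriv_") means
// admin-ajax.php never calls this handler for unauthenticated requests.
add_action( 'wp_ajax_example_support_access', 'example_support_access_handler' );

function example_support_access_handler() {
    // A nonce defends against CSRF only. wp_create_nonce() output embedded in
    // frontend HTML can be read by anyone, so a handler whose ONLY gate is
    // check_ajax_referer() is effectively unauthenticated. Keep the check,
    // but never rely on it alone.
    check_ajax_referer( 'example_support_access', 'nonce' );

    // Authorization: the caller must already hold the capabilities the action
    // needs. Creating and role-assigning users requires both of these.
    if ( ! current_user_can( 'create_users' ) || ! current_user_can( 'promote_users' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient privileges.' ), 403 );
    }

    // Confine the feature: an explicit opt-in the site owner switches on for a
    // troubleshooting session, not an always-on endpoint.
    if ( ! get_option( 'example_support_access_enabled' ) ) {
        wp_send_json_error( array( 'message' => 'Support access is disabled.' ), 403 );
    }

    $email = sanitize_email( $_POST['email'] ?? '' );
    if ( ! is_email( $email ) ) {
        wp_send_json_error( array( 'message' => 'Invalid e-mail address.' ), 400 );
    }

    // Least privilege: the lowest role that can do the job. An administrator
    // account should be the exception, never the default.
    $user_id = wp_insert_user( array(
        'user_login' => 'support_' . wp_generate_password( 8, false ),
        'user_pass'  => wp_generate_password( 32, true, true ),
        'user_email' => $email,
        'role'       => 'editor',
    ) );
    if ( is_wp_error( $user_id ) ) {
        wp_send_json_error( array( 'message' => $user_id->get_error_message() ), 400 );
    }

    // Leave an audit trail and a hard expiry so "who created this user, and
    // why is it still here?" has an answer. Do NOT return anything that logs
    // the requester in; the response confirms creation and nothing more.
    update_user_meta( $user_id, 'example_created_by', get_current_user_id() );
    update_user_meta( $user_id, 'example_expires_at', time() + DAY_IN_SECONDS );

    wp_send_json_success( array( 'user_id' => $user_id ) );
}
```

The two capability checks are the part that was missing in the pattern the article describes; the opt-in option, the reduced role and the expiry are defence in depth so that a future authorization slip does not hand out a permanent administrator.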
Impact and Remediation
All versions of WP Maps Pro up to and including version 6.1.0 are vulnerable. The plugin developer has released version 6.1.1 to address the flaw. Site owners using this plugin should update immediately to prevent takeover attempts.
Active exploitation has been observed in the wild, according to security researchers. The vulnerability carries a severity score of 9.8 out of 10. Security researcher David Brown discovered and reported the issue. Administrators are advised to check for unknown administrator accounts and to review recent user-creation activity in order to detect a possible compromise.
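The triage step recommended above can be scripted over a user export. The following added example (not from the article or the plugin) flags administrator accounts that are either missing from the site owner's allowlist or were registered on or after a cutoff date. The input shape matches what `wp user list --format=json --fields=ID,user_login,user_email,user_registered,roles` emits; the sample rows, the allowlist and the cutoff date are constructed values chosen for illustration.

```php
<?php
// Added example, not part of the original article: triage of a WordPress user
// export for unexpected administrator accounts. Sample data is constructed.

/**
 * Return administrator accounts that are not on $allowlist or that were
 * registered on/after $since (a "Y-m-d H:i:s" timestamp, assumed cutoff).
 */
function example_find_suspicious_admins( array $users, array $allowlist, string $since ): array {
    $since_ts = strtotime( $since );
    $allow    = array_flip( array_map( 'strtolower', $allowlist ) );
    $flagged  = array();

    foreach ( $users as $u ) {
        // WP-CLI JSON output gives `roles` as a comma-separated string;
        // get_users() objects give an array. Accept both.
        $roles = is_array( $u['roles'] ) ? $u['roles'] : explode( ',', (string) $u['roles'] );
        if ( ! in_array( 'administrator', array_map( 'trim', $roles ), true ) ) {
            continue;
        }

        $reasons = array();
        if ( ! isset( $allow[ strtolower( $u['user_login'] ) ] ) ) {
            $reasons[] = 'not on allowlist';
        }
        if ( strtotime( $u['user_registered'] ) >= $since_ts ) {
            $reasons[] = 'registered on/after ' . $since;
        }
        if ( $reasons ) {
            $flagged[] = array(
                'user_login'      => $u['user_login'],
                'user_email'      => $u['user_email'],
                'user_registered' => $u['user_registered'],
                'reasons'         => $reasons,
            );
        }
    }
    return $flagged;
}

// Constructed sample export: two long-standing accounts plus one recent admin
// that nobody on the team recognises.
$sample = array(
    array( 'ID' => 1,  'user_login' => 'owner',        'user_email' => 'owner@example.com', 'user_registered' => '2021-03-02 10:00:00', 'roles' => 'administrator' ),
    array( 'ID' => 7,  'user_login' => 'editor1',      'user_email' => 'ed@example.com',    'user_registered' => '2023-05-01 09:00:00', 'roles' => 'editor' ),
    array( 'ID' => 42, 'user_login' => 'wpsupport_x9', 'user_email' => 'x@example.net',     'user_registered' => '2025-09-30 02:14:07', 'roles' => 'administrator' ),
);

// Assumed allowlist and cutoff; set the cutoff to the earliest date from which
// you cannot vouch for every administrator account on the site.
foreach ( example_find_suspicious_admins( $sample, array( 'owner' ), '2025-09-01 00:00:00' ) as $hit ) {
    echo $hit['user_login'], ' <', $hit['user_email'], '> registered ',
         $hit['user_registered'], ': ', implode( ', ', $hit['reasons'] ), PHP_EOL;
}
```

Run it against a real export by replacing `$sample` with `json_decode(file_get_contents('users.json'), true)`. Any hit should be cross-checked against the web server access log around its `user_registered` timestamp, and the account removed or its password and sessions reset once confirmed unexpected.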
Source: The Hacker News