CVE-2026-8206
-
Critical Kirki flaw lets attackers take over WordPress admin accounts
Hackers are exploiting a critical flaw in the Kirki WordPress plugin to hijack user accounts, including admins, with more than 222 attack attempts blocked in 24 hours, according to Wordfence.
