TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

WordPress King Addons Flaw Under Active Attack Lets Hackers Make Admin Accounts

By rooter

A critical security flaw impacting a WordPress plugin known as King Addons for Elementor has come under active exploitation in the wild.
The vulnerability, CVE-2025-8489 (CVSS score: 9.8), is a case of privilege escalation that allows unauthenticated attackers to grant themselves administrative privileges by simply specifying the administrator user role during registration.
It affects versions

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Reinforcing Steel Suppliers: Building Strong Foundations for Every Project

rooter
Cyber Security

AI Agents: The Next Wave Identity Dark Matter – Powerful, Invisible, and Unmanaged

rooter
Cyber Security

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

rooter

Leave a Reply

You Missed

News

With developer verification, Google’s Apple envy threatens to dismantle Android’s open legacy

News

Phishing campaign exploits OAuth redirection to bypass defenses

News

As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks

News

We’ve Got Terrible News for the Dozen People Who Love ‘The Mummy: Tomb of the Dragon Emperor’