WordPressJul 1, 2026 · 8 min read
CVE-2026-8181: Critical Burst Statistics Flaw Lets Attackers Take Over WordPress Admin Accounts
CVE-2026-8181 lets attackers hijack WordPress admin accounts through Burst Statistics with one request. Patch to version 3.4.2 now, 200,000 sites affected.
Read article