1 story taggedwebsite security.
CVE-2026-8732 lets attackers create administrator accounts without credentials — and exploitation is already underway against live WordPress installations.