Summary
Attackers are actively exploiting a critical privilege escalation vulnerability (CVE-2026-23800) in the Modular DS WordPress plugin to gain full administrative control.
Take Action:
If you are using Modular DS plugin for Wordpress, this is urgent. Your sites are being attacked. Immediately update Modular DS to version 2.6.0 and scan your user list for unauthorized accounts like 'PoC Admin'.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)