Skip to main content

Kirki Plugin Flaw Exploited to Hijack WordPress Admin Accounts

Blurred laptop screen on a cluttered desk in a home office showing a website builder interface.

Wordfence blocked over 222 attempts to exploit a critical vulnerability in the Kirki WordPress plugin in the past 24 hours, a sign that attackers are actively weaponizing CVE-2026-8206 against live sites.

CVE-2026-8206 and the Kirki password-reset endpoint

The flaw tracked as CVE-2026-8206 resides in the Kirki - Freeform Page Builder, Website Builder & Customizer plugin and stems from a custom REST API endpoint used for password resets. Because the exposed endpoint is reachable without authentication, an attacker can invoke the plugin’s password-reset logic directly.

How the exploit works: arbitrary email acceptance and handle_forgot_password()

The vulnerability is caused by the plugin’s handle_forgot_password() function accepting an arbitrary email address during password-reset requests. When an attacker supplies a username, the plugin will generate a valid password-reset link for that user but will send the link to the attacker-supplied email address instead of the account owner’s registered address. That behavior enables an unauthenticated attacker to obtain password-reset links for any account registered on the site and take over those accounts simply by controlling the destination email.

Scope: Kirki’s footprint and which versions are at risk

Kirki is active on more than 500,000 websites. The issue was introduced in the major 6.0.0 release and affects plugin versions up to 6.0.6. According to download statistics from WordPress.org cited by Wordfence, nearly 40% of the plugin’s userbase is still running one of the vulnerable versions — a large installed base that increases the urgency of patching.

Detection and timeline: CHOIGYENGMIN, Wordfence (Defiant), and the 6.0.7 fix

The flaw was discovered by security researcher CHOIGYENGMIN, who reported it to Wordfence on May 4, 2026. Wordfence notified the vendor on May 16, and the vendor released a fix in Kirki version 6.0.7 on May 18, 2026. Wordfence — part of the WordPress security firm Defiant — detected active exploitation and reported that its firewall blocked more than 222 attempts against its customers within a single 24‑hour window.

What this means for security teams, site administrators, and end users

  • Security teams and incident responders: The attack requires no authentication and can be launched with minimal skill, so teams should treat the vulnerability as high priority. Where vulnerable Kirki versions remain installed, defenders should check logs for unexpected password-reset requests, unusual account activity, and the indicators of post-compromise actions described below.
  • Site administrators and WordPress maintainers: Owners of sites running Kirki must upgrade to version 6.0.7 immediately or disable the plugin. The vendor’s release on May 18, 2026, is the remedial action noted in the advisory timeline.
  • End users and content owners: If a site administrator account was compromised via this flaw, attackers can perform actions directly visible to users — for example, modifying website content — or invisible actions such as installing persistent backdoors.

Consequences of an admin takeover: persistence, content and data risk

Once an attacker achieves administrator-level access through a hijacked account, the advisory describes several concrete risks: installing malicious plugins, modifying website content, deploying web shells or persistent backdoors, and accessing private databases. Those post-compromise actions can be used both to deface or weaponize a site and to maintain long-term access for further intrusion or data exfiltration.

The combination of a large install base, an easily exploitable REST endpoint, and active exploitation observed by Wordfence makes the practical risk immediate. Site owners running Kirki versions 6.0.0 through 6.0.6 should upgrade to 6.0.7 or disable the plugin without delay; defenders should hunt for evidence of resets and privilege escalations that match the described behavior.

Original story