CVE-2026-8206 - Kirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'
CVE ID :CVE-2026-8206 Published : June 2, 2026, 4:17 a.m. | 56 minutes ago Description :The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions 6.0.0 to 6.0.6. This is due to the plugin...