A critical security vulnerability (CVE-2025-8489) in the WordPress King Addons for Elementor plugin is being actively exploited in the wild. The flaw allows unauthenticated attackers to escalate privileges and grant themselves administrative access by simply specifying the administrator role during registration. This vulnerability has a CVSS score of 9.8, indicating its critical severity. The exploitation allows complete compromise of affected WordPress sites running the vulnerable plugin. Organizations using this plugin should immediately update or remove it to prevent unauthorized administrative access.