Searchenginejournal.com

Ultimate Member WordPress Plugin Vulnerability Allows Full Site Takeover

Ultimate Member WordPress plugin vulnerability, with over 200,000 active installations is being actively exploited on unpatched WordPress sites. The vulnerability is said to require trivial effort to ...
Bleeping Computer

WordPress plugin bugs can let attackers hijack up to 100K sites

Admins of WordPress sites who use the Ultimate Member plugin are urged to update it to the latest version to block attacks attempting to exploit multiple critical and easy to exploit vulnerabilities ...
Homeland Security Today

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

The Ultimate member plugin version 2.0.45 and lower is affected by multiple vulnerabilities, among them is a critical vulnerability allowing malicious users to read and delete your wp-config.php file, ...
ZDNet

Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin

Accounting for over 100,000 active installations on websites that use the WordPress content management system (CMS), Ultimate Member allows webmasters to offer membership, sign-ups, and member profile ...
Infosecurity-magazine.com

Vulnerabilities Affect 100,000 Sites Using WordPress Plugin

Researchers have discovered critical privilege-escalation vulnerabilities in a WordPress plugin installed in 100k websites. The three flaws in Ultimate Member were detected by Wordfence's Threat ...