Bleeping Computer

Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs

Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator ...
Infosecurity-magazine.com

Vulnerabilities Affect 100,000 Sites Using WordPress Plugin

Researchers have discovered critical privilege-escalation vulnerabilities in a WordPress plugin installed in 100k websites. The three flaws in Ultimate Member were detected by Wordfence's Threat ...