WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...

WordPress User Registration & Membership Plugin Vulnerability

Critical vulnerability affecting a WordPress user registration and membership plugin enables attackers to take full control of a website.
TechJuice

Critical WordPress Plugin Bug Can Now Hijack 60,000 Websites With Admin Access

Hackers exploit a critical WordPress plugin flaw that allows creation of administrator accounts without authentication.
Threat Post

Ultimate Member Plugin for WordPress Allows Site Takeover

Three critical security bugs allow for easy privilege escalation to an administrator role. A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow ...
Homeland Security Today

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

The Ultimate member plugin version 2.0.45 and lower is affected by multiple vulnerabilities, among them is a critical vulnerability allowing malicious users to read and delete your wp-config.php file, ...
Bleeping Computer

Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs

Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator ...
Searchenginejournal.com

WordPress Ultimate Member Plugin Vulnerability

Today it was announced that “critical and severe vulnerabilities” affect a WordPress community building plugin called, Ultimate Member was patched. This vulnerability is easy to exploit and gives the ...

Hackers exploiting WordPress membership plugin bug to create admin accounts

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.