Three critical security bugs allow for easy privilege escalation to an administrator role. A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow ...

Today it was announced that “critical and severe vulnerabilities” affect a WordPress community building plugin called, Ultimate Member was patched. This vulnerability is easy to exploit and gives the ...

Researchers have discovered critical privilege-escalation vulnerabilities in a WordPress plugin installed in 100k websites. The three flaws in Ultimate Member were detected by Wordfence's Threat ...

Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator ...

The Ultimate member plugin version 2.0.45 and lower is affected by multiple vulnerabilities, among them is a critical vulnerability allowing malicious users to read and delete your wp-config.php file, ...

Accounting for over 100,000 active installations on websites that use the WordPress content management system (CMS), Ultimate Member allows webmasters to offer membership, sign-ups, and member profile ...

There was "no complete fix to this issue" and worryingly, "there were indications that this issue was being actively exploited by malicious actors," the firm added. The security researchers recommend ...

WordPress site owners currently using the Ultimate Member plugin are being urged to update to the latest version in order to patch three serious security flaws that could be exploited to launch site ...

The Ultimate Member WordPress plugin enables publishers to create online communities on their websites. The plugin works by creating a frictionless process for user sign-ups and creation of user ...