Threat Post

Ultimate Member Plugin for WordPress Allows Site Takeover

Three critical security bugs allow for easy privilege escalation to an administrator role. A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow ...

60,000 WordPress sites at risk due to plugin security flaw

Hackers can now take over WordPress sites instantly using a simple plugin flaw ...
Searchenginejournal.com

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

The Membership Plugin – Restrict Content By StellarWP is used by WordPress sites to manage paid and private content. It enables site owners to restrict access to pages, posts, or other resources so ...
Bleeping Computer

Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs

Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator ...
Searchenginejournal.com

Ultimate Member WordPress Plugin Vulnerability Allows Full Site Takeover

The Ultimate Member WordPress plugin enables publishers to create online communities on their websites. The plugin works by creating a frictionless process for user sign-ups and creation of user ...