Threat Post

Ultimate Member Plugin for WordPress Allows Site Takeover

Three critical security bugs allow for easy privilege escalation to an administrator role. A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow ...
TechRepublic

How to create members-only content on WordPress

WordPress is one of the most widely-used website-building frameworks on the market, and with good reason. Although WordPress was originally designed for nothing more than blogging, it has since become ...
Bleeping Computer

Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs

Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator ...
ZDNet

Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin

Accounting for over 100,000 active installations on websites that use the WordPress content management system (CMS), Ultimate Member allows webmasters to offer membership, sign-ups, and member profile ...
Bleeping Computer

WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 WordPress sites. Developed by WPEverest, the plugin provides ...
Searchenginejournal.com

WordPress Ultimate Member Plugin Vulnerability

Today it was announced that “critical and severe vulnerabilities” affect a WordPress community building plugin called, Ultimate Member was patched. This vulnerability is easy to exploit and gives the ...
Searchenginejournal.com

Ultimate Member WordPress Plugin Vulnerability Allows Full Site Takeover

The Ultimate Member WordPress plugin enables publishers to create online communities on their websites. The plugin works by creating a frictionless process for user sign-ups and creation of user ...