Searchenginejournal.com

Ultimate Member WordPress Plugin Vulnerability Allows Full Site Takeover

Ultimate Member WordPress plugin vulnerability, with over 200,000 active installations is being actively exploited on unpatched WordPress sites. The vulnerability is said to require trivial effort to ...
Homeland Security Today

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

The Ultimate member plugin version 2.0.45 and lower is affected by multiple vulnerabilities, among them is a critical vulnerability allowing malicious users to read and delete your wp-config.php file, ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...
CSO Online

WordPress plugin hole enables account takeover

What makes this now-patched plugin hole especially dangerous is the lack of authentication needed for an attack, which can ...

WordPress security plugin exposes private data to site subscribers

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability ...