Ultimate Member Plugin for WordPress Allows Site Takeover – Threatpost


Three critical security bugs allow for easy privilege escalation to an administrator role.

A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow privilege escalation – and potentially full control over a target WordPress site.

The plugin, called Ultimate Member, allows web admins to add user profiles and membership areas to their web destinations. According to Wordfence researchers, the flaws make it possible for both…


More Info

About mblog.my

Check Also

AudioDots Launches a TTS WordPress plugin

Text-to-Speech Solution is now available for WordPress based news publications, easily streaming audio to users …

Leave a Reply

Your email address will not be published. Required fields are marked *