Vulnerability in WordPress Plugin threatens Website takeover
Vulnerability in WordPress Plugin threatens Website takeover
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
WordPress Ultimate Member Plugin, with over 200K installations helps in streamlining user registration and login processes. It has been found vulnerable to unauthenticated privilege escalation, posing a potential risk of website takeover by attackers.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.