Security flaw puts 200,000 WordPress websites at risk

Around 200,000 WordPress websites are at risk of being attacked by exploiting an unpatched security flaw in the Ultimate Member plugin.

According to The Hacker News, the vulnerability, with tracking code CVE-2023-3460 (CVSS score 9.8), exists in all versions of the Ultimate Member plugin (extension) including the latest version (2.6). .6) was released on June 29, 2023.

Ultimate Member is a popular plugin for creating user and community profiles on WordPress websites. This utility also provides account management features.

WPScan – WordPress security company says this security flaw is very serious, through which attackers can exploit them to create new user accounts with administrative privileges, giving hackers complete control. affected websites

Related posts

Google launches Gemini 2.0 – comprehensive AI that can replace humans

NVIDIA RTX 5090 can be 70% more powerful than RTX 4090?

iOS 18.2 launched with a series of groundbreaking AI features