Hackers exploiting WordPress membership plugin bug to create admin accounts

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.
TechJuice

Critical WordPress Plugin Bug Can Now Hijack 60,000 Websites With Admin Access

Hackers exploit a critical WordPress plugin flaw that allows creation of administrator accounts without authentication.

WordPress User Registration & Membership Plugin Vulnerability

Critical vulnerability affecting a WordPress user registration and membership plugin enables attackers to take full control of a website.
Homeland Security Today

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

The Ultimate member plugin version 2.0.45 and lower is affected by multiple vulnerabilities, among them is a critical vulnerability allowing malicious users to read and delete your wp-config.php file, ...
techtimes

WordPress Plugins Hit by Supply Chain Cyberattack, Compromising Thousands of Websites

Several WordPress plugins have reportedly been backdoored in a cyberattack that gave hackers full access and other malicious functions to any website utilizing these plugins. According to researchers ...
TechSpot

WordPress plugin vulnerability poses severe security risk, allows for site takeovers

In a nutshell: Many WordPress plugins are designed to enhance the content management system's ability to quickly and easily share content from almost anywhere on the internet. But one popular ...

WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...