1 comment

[ 6.1 ms ] story [ 15.8 ms ] thread
The Ultimate Member WordPress plugin (200,000+ active installs) has an unpatched vulnerability that is being actively exploited.

While the authors have attempted to patch the issue across versions 2.6.4 to 2.6.6, the vulnerability remains.

WPScan and Jetpack security researchers have been actively submitting feedback regarding a proper fix.