About 200,000 WordPress websites are at risk of being attacked by hackers due to a very dangerous vulnerability in the Ultimate Member plugin. This vulnerability, identified with the code CVE-2023-3460, has affected all versions of the mentioned plugin.
Related posts:
Ultimate Member is one of the popular WordPress plugins that eases the process of creating a profile and community on WordPress websites and also provides account management features. Currently, the details of the vulnerability of this plugin have not been revealed to prevent further abuse by hackers, but this security hole is supposed to be fixed with an update.
Currently, several temporary updates have been released to fix the said vulnerability, but reports indicate that none of these updates have completely fixed the said problem. By using this vulnerability, hackers have managed to upload malicious themes and plugins in the admin panel of their desired websites. Therefore, it is recommended that Ultimate Member users temporarily disable this plugin until a comprehensive update is released.
Source: The Hacker News
Latest Passing over countries : Spain | Dominica | United Arab Emirates
RCO NEWS
