The Latest in IT Security

Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

01
Jul
2023
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

image credit: unsplash

As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin.

The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate Member plugin, including the latest version (2.6.6) that was released on June 29, 2023.

Ultimate Member is a popular plugin that facilitates the creation of user-profiles and communities on WordPress sites. It also provides account management features.

Related posts:
  1. Large-Scale Attack Targeting Tatsu Builder WordPress Plugin
  2. WordPress 6.0.2 Patches Vulnerability That Could Impact Millions of Legacy Sites
  3. CISA: Top Vulnerabilities Actively Exploited by China Hackers
  4. WordPress sites are being attacked with another major plugin hack
  5. Hackers Exploited Zero-Day Bug for 8 Months, Barracuda Warns

Read More

Tags:  
Written by Thehackernews
0 Comments
Comments are closed.

Categories

SUNDAY, APRIL 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments