Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts <!-- wp:html --><p>As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin.<br /> The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate Member plugin, including the latest version (2.6.6) that was released on June 29, 2023.<br /> Ultimate Member is a popular plugin that facilitates the <a href="http://thehackernews.com/2023/07/unpatched-wordpress-plugin-flaw-could.html" target="_blank" class="feedzy-rss-link-icon" rel="noopener">Read More</a> </p> <p>The Hacker News | #1 Trusted Cybersecurity News Site </p><!-- /wp:html -->
As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin.
The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate Member plugin, including the latest version (2.6.6) that was released on June 29, 2023.
Ultimate Member is a popular plugin that facilitates the Read More
The Hacker News | #1 Trusted Cybersecurity News Site
