all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

WordPress sites using the Ultimate Member plugin are under attack

Add to bookmarks
July 2, 2023, 6:36 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Threat actors are exploiting a critical WordPress zero-day in the Ultimate Member plugin to create secret admin accounts. Hackers are actively exploiting a critical unpatched WordPress Plugin flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), to create secret admin accounts. Ultimate Member is a popular user profile and membership plugin for WordPress, it allows admins to […]


The post WordPress sites using the Ultimate Member plugin are under attack appeared first on Security Affairs.

accounts attack breaking news critical cve cvss exploiting flaw hackers hacking information security news it information security pierluigi paganini plugin popular profile score secret threat threat actors ultimate member under unpatched user profile wordpress wordpress plugin zero-day

Visit resource

More from securityaffairs.co / Security Affairs

Threat actors hacked the Dropbox Sign production environment 6 hours ago | securityaffairs.co
access addresses authentication breached +24
CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog 9 hours ago | securityaffairs.co
access access control agency breaking news +28
Panda Restaurant Group disclosed a data breach 13 hours ago | securityaffairs.co
breach breaking news cyber crime cybercrime +14
Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia 1 day, 2 hours ago | securityaffairs.co
agency breaking news classified colorado +16
Cuttlefish malware targets enterprise-grade SOHO routers 1 day, 2 hours ago | securityaffairs.co
authentication black lotus black lotus labs cloud +26
A flaw in the R programming language could allow code execution 1 day, 4 hours ago | securityaffairs.co
arbitrary code arbitrary code execution breaking news code +22
Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall 1 day, 12 hours ago | securityaffairs.co
apt bypass china china great firewall +21
Notorious Finnish Hacker sentenced to more than six years in prison 1 day, 23 hours ago | securityaffairs.co
aleksanteri kivimäki breaking news center cyber crime +17
CISA guidelines to protect critical infrastructure against AI-based threats 2 days, 3 hours ago | securityaffairs.co
agency ai ai risks analysis +27

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

DevSecOps Engineer

@ LinQuest | Beavercreek, Ohio, United States
View on infosec-jobs.com

Senior Developer, Vulnerability Collections (Contractor)

@ SecurityScorecard | Remote (Turkey or Latin America)
View on infosec-jobs.com

Cyber Security Intern 03416 NWSOL

@ North Wind Group | RICHLAND, WA
View on infosec-jobs.com

Senior Cybersecurity Process Engineer

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Sr. Manager, Cybersecurity and Info Security

@ AESC | Smyrna, TN 37167, Smyrna, TN, US | Santa Clara, CA 95054, Santa Clara, CA, US | Florence, SC 29501, Florence, SC, US | Bowling Green, KY 42101, Bowling Green, KY, US
View on infosec-jobs.com
View more jobs