all InfoSec news
WordPress sites using the Ultimate Member plugin are under attack
Security Affairs securityaffairs.co
Threat actors are exploiting a critical WordPress zero-day in the Ultimate Member plugin to create secret admin accounts. Hackers are actively exploiting a critical unpatched WordPress Plugin flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), to create secret admin accounts. Ultimate Member is a popular user profile and membership plugin for WordPress, it allows admins to […]
The post WordPress sites using the Ultimate Member plugin are under attack appeared first on Security Affairs.
accounts attack breaking news critical cve cvss exploiting flaw hackers hacking information security news it information security pierluigi paganini plugin popular profile score secret threat threat actors ultimate member under unpatched user profile wordpress wordpress plugin zero-day