Thousands of WordPress sites could be at risk as a vulnerability in the Ultimate Member plugin gets exploited, but a quick fix will stop your site from being taken over.
The plugin, which has amassed more than 200,000 downloads on the platform, is designed to support user signups and memberships on WordPress websites.
The vulnerability which is being tracked as CVE-2023-3460 has been awarded a score of 9.8, making it ‘critical.’ It is believed to have impacted all versions of the plugin.