• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

virusword.com-Wordpress

Learn Wordpress

  • Home
  • WordPress Shop
    • Fotopress
    • SEO Tool Kit
    • Social Contact
    • Tag Machine 2
    • Video Profits
  • Latest News
  • WordPress
    • Plugins
    • Themes
    • Tutorials
    • Videos
    • Woocommerce
  • About Us
  • Contact Us
    • Terms of Service
    • Privacy Policy
  • Show Search
Hide Search
Home/Plugins/WordPress Plugin Ultimate Member Vulnerability Allows Attackers to Gain Admin Privileges

WordPress Plugin Ultimate Member Vulnerability Allows Attackers to Gain Admin Privileges

Attention WordPress admins: Security researchers have noticed a rise in attacks targeting the Ultimate Member plug-in. These attacks have prompted the release of a security patch that website operators should install promptly. The Ultimate Member plug-in is widely used, with over 200,000 active installations. Security researchers from WPScan have classified the vulnerability (CVE-2023-3460) as critical, as it allows attackers to gain admin rights. To prevent further attacks, the researchers have not disclosed detailed attack scenarios. Instead, they have listed indications of an attack, including suspicious IP addresses and the presence of fake admin accounts such as “apadmins,” “wpadmins,” or “segs_brutal.” Website owners should also remove any plugins installed by the attackers, such as “yyobang” and backdoors.

The developers have addressed the security issue in version 2.6.7 of the Ultimate Member plug-in. Admins are urged to ensure they have installed this version promptly. The vulnerability was first identified in early June 2023, with the initial attacks observed at the end of that month. Although the developers released a security update quickly, the security researchers were able to bypass the fix. Consequently, version 2.6.7, which provides full protection against attacks, was released at the beginning of July. The Ultimate Member provider strongly recommends that admins update their plug-ins promptly to safeguard their websites.

Source link

Written by:
Abdul Wahid
Published on:
July 3, 2023

Categories: Plugins

Primary Sidebar

Wordpress

  • Latest News (348)
  • Plugins (404)
  • Themes (413)
  • Tutorials (510)
  • Videos (1,034)
  • Woocommerce (510)

Recent Articles

How to Display Different Sidebar for Each Post and Page in WordPress

Do you want to display different sidebars for …

Continue Reading about How to Display Different Sidebar for Each Post and Page in WordPress

How to Add a Chatbot in WordPress (Step by Step)

Are you looking to add a chatbot in …

Continue Reading about How to Add a Chatbot in WordPress (Step by Step)

Search our site

Explore more

Get our Wordpress Guide Get Plugins Get Connected

Footer

VirusWord by Promaps, Inc.

Barnes Place
Colombo 7, Western 00700

Copyright © 2023 · Promaps, Inc.

Keep In Touch

  • Email
  • Facebook
  • Instagram
  • Pinterest
  • Twitter