[ad_1]
Hackers are actively exploiting a zero-day vulnerability in the Ultimate Member WordPress plugin, which has around 200,000 installations. The vulnerability allows unauthorized access and execution of malicious code on affected websites. Attackers inject JavaScript code into the plugin’s REST API endpoint to steal user information and distribute malware. Plugin developers are working on a patch, but users should update to the latest version and take precautions to protect their websites.
[https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-ultimate-member-wordpress-plugin-with-200k-installs/])​
​
​
[ad_2]