[ad_1]
Hello @lettobi
Sorry for these vulnerabilities in our plugin’s code.
Version 2.6.7 has been released on the 1st of July to patch this security vulnerability.
WP Scan confirmed that 2.6.7 fixes the various bypasses reported. WP Scan recommends updating the Ultimate Member plugin to version 2.6.7, which remediates this security issue. You find details in the WP Scan blog.
Regards
Thank you for this update. Maybe it’s just me but I feel like this was not clearly communicated by Ultimate Member.
Sorry for the delay. We have updated an article related to this issue: https://docs.ultimatemember.com/article/1866-security-incident-update-and-recommended-actions
Thank you