Threat Post

Ultimate Member Plugin for WordPress Allows Site Takeover

Three critical security bugs allow for easy privilege escalation to an administrator role. A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow ...

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

WordPress membership plugin vulnerability exposing sensitive Stripe payment data affects up to 10,000 websites.
ZDNet

Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin

Accounting for over 100,000 active installations on websites that use the WordPress content management system (CMS), Ultimate Member allows webmasters to offer membership, sign-ups, and member profile ...
Searchenginejournal.com

WordPress Releases Free Course On Building & Monetizing Membership Sites

WordPress just released a free course on how to make money with a membership site that walks through the process of setting it up, deciding the best payment plans and managing subscriptions. The step ...
Bleeping Computer

Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs

Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator ...