WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

February 27, 2024 at 01:09AM A critical security flaw (CVE-2024-1071) has been discovered in the Ultimate Member WordPress plugin, potentially allowing attackers to exploit SQL injection and extract sensitive data from the database. The issue has been addressed in version 2.8.3, following responsible disclosure. Users are strongly advised to update the plugin to mitigate potential … Read more