Critical Security Bug for WordPress Plugin

On Monday, Wordfence shared that a plugin called Ultimate Member, which is installed on more than 100,000 sites, has several critical security flaws that allow attackers to take over a site.

“These flaws made it possible for attackers to escalate their privileges to those of an administrator and take over a WordPress site,” researchers shared. “These are critical and severe vulnerabilities that are easy to exploit.”

It is highly recommended that Ultimate Member users update to the newest version, 2.1.12, immediately!