WordPress sites using the Ultimate Member plugin are under attack
Threat actors are exploiting a critical WordPress zero-day in the Ultimate Member plugin to create secret admin accounts.
Hackers are actively exploiting a critical unpatched WordPress Plugin flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), to create secret admin accounts.
Ultimate …