Critical vulnerabilities in the Ultimate Member plugin could be easily exploited by attackers to take over WordPress sites fully.

The Ultimate Member WordPress plugin allows admins to easily manage membership to their websites and build online communities by allocating custom privileges for various user roles.

On October 23, 2020, Wordfence researchers disclosed three vulnerabilities in Ultimate Member, a WordPress plugin installed on over 100,000 sites. These flaws allow attackers to escalate their privileges to those of an administrator and take over a WordPress site.

The vulnerabilities were reported to the development team behind the plugin on October 26, which addressed them with the release of Ultimate Member version 2.1.12 on October 29.

“This vulnerability is considered very critical as it makes it possible for originally unauthenticated users to easily escalate their privileges to those of an administrator. Once an attacker has administrative access to a WordPress site, they have effectively taken over the entire site and can perform any action, from taking the site offline to further infecting the site with malware,” reads the analysis published by Wordfence.

Two of the critical vulnerabilities discovered by the experts have received a maximum CVSS severity score of 10/10, as they are both unauthenticated privilege escalation issues via user meta and user roles.

The third received a CVSS severity score of 9.8/10; its exploitation requires wp-admin access to the profile.php page, yet it still allowed attackers to gain administrator access with minimal effort.

Since the release of Ultimate Member 2.1.12, the plugin has been downloaded roughly 75,000 times; this means that at least 25,000 WordPress websites with active Ultimate Member installations are potentially still exposed to attackers.

Ultimate Member users need to update the plugin to 2.1.12 immediately, to prevent attacks designed to take over sites running vulnerable versions of this plugin.
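Two checks a site operator would want after reading the above, written as an added example that is not part of this article nor code from the Ultimate Member or Wordfence projects: first, read the installed plugin version from the plugin's file header and decide whether it predates the 2.1.12 fix; second, since the flaws end in an attacker holding the administrator role, list every account whose `wp_capabilities` user meta grants `administrator` and flag any that are not on the operator's expected list. The plugin file path `ultimate-member/ultimate-member.php` and the sample header and user-meta rows are assumptions constructed for the example; the serialized capabilities format is the standard one WordPress stores.

```python
"""Post-disclosure checks for a WordPress site running Ultimate Member.

Part 1: parse the plugin header and compare against the fixed version.
Part 2: audit wp_usermeta for accounts holding the administrator role.
All inputs below are constructed samples, not data from any real site.
"""
import re
from typing import Iterable, List, Set, Tuple

FIXED_VERSION = "2.1.12"  # version that shipped the fix, per the article
# Assumed path of the plugin's main file under wp-content/plugins/
PLUGIN_MAIN_FILE = "ultimate-member/ultimate-member.php"

# Constructed sample of a WordPress plugin file header (not the real file).
SAMPLE_HEADER = """<?php
/*
 * Plugin Name: Ultimate Member
 * Version: 2.1.11
 * Description: constructed sample header for the example
 */
"""

# Constructed wp_usermeta rows: (user_id, user_login, meta_value for wp_capabilities).
# The meta_value is the PHP-serialized array WordPress uses for role assignment.
SAMPLE_USERMETA: List[Tuple[int, str, str]] = [
    (1, "owner", 'a:1:{s:13:"administrator";b:1;}'),
    (2, "editor_jane", 'a:1:{s:6:"editor";b:1;}'),
    (3, "member42", 'a:1:{s:10:"subscriber";b:1;}'),
    (4, "wp_support99", 'a:2:{s:10:"subscriber";b:1;s:13:"administrator";b:1;}'),
]


def parse_plugin_version(header_text: str) -> str:
    """Return the 'Version:' field from a WordPress plugin file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*([0-9A-Za-z.\-]+)", header_text, re.M)
    if not m:
        raise ValueError("no Version: field found in plugin header")
    return m.group(1)


def version_key(version: str) -> Tuple[Tuple[int, ...], int]:
    """Sortable key: numeric parts padded to three places, pre-release tags rank lower."""
    core, _, pre_release = version.partition("-")
    nums = tuple(int(p) for p in core.split(".") if p.isdigit())
    nums = nums + (0,) * (3 - len(nums))
    return (nums, 0 if pre_release else 1)


def is_vulnerable(installed_version: str) -> bool:
    """True if the installed version predates the fixed release."""
    return version_key(installed_version) < version_key(FIXED_VERSION)


def roles_from_capabilities(serialized: str) -> List[str]:
    """Extract role names set to true in a serialized wp_capabilities value."""
    return re.findall(r's:\d+:"([^"]+)";b:1;', serialized)


def find_admins(rows: Iterable[Tuple[int, str, str]]) -> List[str]:
    """Logins of every account whose capabilities include 'administrator'."""
    return [login for _, login, caps in rows
            if "administrator" in roles_from_capabilities(caps)]


def unexpected_admins(rows: Iterable[Tuple[int, str, str]],
                      expected: Set[str]) -> List[str]:
    """Administrator accounts that are not on the operator's expected list."""
    return [login for login in find_admins(rows) if login not in expected]


if __name__ == "__main__":
    installed = parse_plugin_version(SAMPLE_HEADER)
    status = "VULNERABLE, update now" if is_vulnerable(installed) else "patched"
    print(f"{PLUGIN_MAIN_FILE}: version {installed} -> {status}")
    print("administrator accounts:", find_admins(SAMPLE_USERMETA))
    print("not on expected list:", unexpected_admins(SAMPLE_USERMETA, {"owner"}))
```

On a live site the header would be read from `wp-content/plugins/` and the rows pulled from the `wp_usermeta` table where `meta_key = 'wp_capabilities'` (the `wp_` prefix varies per install); the role audit is only meaningful against a list of administrators the operator maintained before the exposure window, which is why it takes that list as input rather than guessing.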
