This plugin is top notch and we have been using it for several years.
Unfortunately, it was blocked today by the hoster because a serious security vulnerability was detected : ” Today, on June 29, 2023, the Wordfence Threat Intelligence Team became aware of an unpatched privilege escalation vulnerability being actively exploited in Ultimate Member, a WordPress plugin installed on over 200,000 sites, through our vulnerability changelog monitoring we do to ensure the Wordfence Intelligence Vulnerability Database has the most up to date and accurate information. Upon further investigation, we discovered that this vulnerability is being actively exploited and it hasn’t been adequately patched in the latest version available, which is 2.6.6 at the time of this writing.”
When can we expect a patch?
On our site, this plugin has a central function and is urgently needed.
Now I had to disable the whole site, otherwise content would be freely accessible on the web.
Thanks for an answer or a quick update.
- You must be logged in to reply to this review.