120,000 WordPress websites vulnerable due to SQL injection leak in plugin
Blog — Tue 27 Feb 2024
Around February 24, it was discovered that the WordPress plugin Ultimate Member is vulnerable. The vulnerability involves an attack vector through SQL injection. The latest update of this plugin, version 2.8.3, fixes this vulnerability. However, it appears that many websites hav…