Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites
Malware and Vulnerabilities
February 27, 2024
The Hacker News
A critical security flaw (CVE-2024-1071) in the Ultimate Member WordPress plugin allowed unauthenticated attackers to perform SQL injection and extract sensitive data, affecting users who enabled the "Enable custom table for usermeta" option.
Read More
Wordpress Sites
SQL injection
Critical Severity Vulnerability
Data exfiltration
Ultimate Member plugin
Publisher
Previous
It’s Time for Security Operations to Ditch Excel
Expert Blogs and Opinion
Next
Report: CVE Count Set to Rise by 25% in 2024
Trends, Reports, Analysis
/https://cyware-ent.s3.amazonaws.com/image_bank/2b45_shutterstock_1023955864.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/44e7_shutterstock_2264612211.jpg)
