CVE-2026-7761
Ultimate Member · Ultimate Member Plugin
The Ultimate Member plugin for WordPress is vulnerable to account takeover via password reset link disclosure.
Executive summary
A critical account takeover vulnerability in the Ultimate Member WordPress plugin allows unauthenticated attackers to compromise user accounts.
Vulnerability
This vulnerability involves the improper handling of password reset mechanisms, leading to the disclosure of sensitive reset links. An attacker can leverage this to perform an account takeover without requiring prior authentication.
Business impact
The ability for an attacker to hijack user accounts, including those with administrative privileges, presents a critical threat to any site running the affected plugin. With a CVSS score of 8.8, this vulnerability could lead to total site compromise, data exfiltration, and the distribution of malicious content to visitors.
Remediation
Immediate Action: Update the Ultimate Member plugin to the latest available version provided by the developer.
Proactive Monitoring: Review user account modification logs and investigate any unexpected password reset requests or suspicious profile changes.
Compensating Controls: Disable the plugin temporarily if a patch is not immediately available and employ rate-limiting on reset requests via a WAF.
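The monitoring and rate-limiting steps above can be checked against a web server access log. The following script is an added example written for this advisory; it is not code from the page, from the Ultimate Member project, or from WordPress. It assumes Apache/nginx combined log format, treats the WordPress core `wp-login.php` actions `lostpassword`, `resetpass` and `rp` as reset traffic, and assumes (this is a guess that must be checked per site) that the Ultimate Member reset page lives under `/password-reset/`. The threshold and window are constructed defaults, and the log lines are constructed samples. It reports client IPs whose burst of reset requests inside one window reaches the threshold, which is the same per-IP count a WAF rate-limit rule on the reset endpoint would enforce.

```python
"""Flag bursts of password-reset requests in a WordPress access log (added example)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache/nginx combined log format: client IP, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Paths that request or consume a password reset. The wp-login.php actions are
# WordPress core. "/password-reset/" is an ASSUMED Ultimate Member page slug;
# confirm the real slug in your own site's page list before relying on it.
RESET_MARKERS = (
    "action=lostpassword",
    "action=resetpass",
    "action=rp",
    "/password-reset/",
)

# Constructed sample log, not taken from any real site.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2026:12:00:01 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2026:12:00:02 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2026:12:00:03 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2026:12:00:04 +0000] "POST /password-reset/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2026:12:00:05 +0000] "POST /password-reset/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2026:12:00:06 +0000] "POST /password-reset/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2026:12:03:00 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2026:12:05:00 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
192.0.2.9 - - [10/Mar/2026:12:06:00 +0000] "GET /wp-login.php?action=rp&key=EXAMPLEKEY&login=alice HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2026:12:10:00 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Return (ip, timestamp, method, path, status), or None for lines that do not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("method"), m.group("path"), int(m.group("status"))


def is_reset_request(path):
    """True when the request path touches a password-reset endpoint."""
    return any(marker in path for marker in RESET_MARKERS)


def reset_requests_by_ip(log_text):
    """Group timestamps of password-reset requests by client IP."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, _method, path, _status = parsed
        if is_reset_request(path):
            by_ip[ip].append(ts)
    return by_ip


def max_in_window(times, window):
    """Largest number of events that fall inside any single interval of length `window`."""
    times = sorted(times)
    best, start = 0, 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def find_reset_bursts(log_text, threshold=5, window=timedelta(minutes=1)):
    """Return {ip: peak_count} for IPs whose reset requests reach `threshold`
    inside any one `window`; these are the sources a WAF rate limit would block."""
    bursts = {}
    for ip, times in reset_requests_by_ip(log_text).items():
        peak = max_in_window(times, window)
        if peak >= threshold:
            bursts[ip] = peak
    return bursts


if __name__ == "__main__":
    for ip, count in find_reset_bursts(SAMPLE_LOG).items():
        print(f"{ip}: {count} reset requests within one minute")
```

Run it against a real log by replacing `SAMPLE_LOG` with the file contents; lower the threshold or widen the window for a quieter site, and pair a hit with the user-modification review the advisory calls for, since a single legitimate reset and a burst of them look identical per request and differ only in volume.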
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability is highly severe due to its impact on user account security. Organizations using the Ultimate Member plugin must prioritize updating their installation immediately to prevent unauthorized access and potential site-wide takeover.