Open in app

Sign in

Write

Sign in

“Ultimate Member” WordPress Plugin vulnerability || CVE-2023–3460

Raj Upadhyay
Jul 2, 2023

--

“privilege escalation vulnerability being actively exploited in Ultimate Member WordPress plugin”

Ultimate Member WordPress plugin vulnerability || CVE-2023–3460

  • CVE-2023–3460
  • “Ultimate Member” WordPress plugin
  • #Affected Versions: <= 2.6.6

Check for Recently created Administrator accounts in your WordPress website. Check in log files and identify recently requested request for “/register” and co-relate it with newly created administrator account time. As mentioned in “wordfence.com” blog check following IPs in Log files

  1. 146.70.189.245
  2. 103.187.5.128
  3. 103.30.11.160
  4. 103.30.11.146
  5. 172.70.147.176

For More IOCs check below Github link.

IOC/Zero-Day Vulnerability IOC/Ultimate Member WordPress plugin - CVE-2023-3460 at main · IRB0T/IOC

Contribute to IRB0T/IOC development by creating an account on GitHub.

github.com

Reference:

  1. https://www.wordfence.com/blog/2023/06/psa-unpatched-critical-privilege-escalation-vulnerability-in-ultimate-member-plugin-being-actively-exploited/
Ultimate Member Plugin
Ultimate Member
Cve 2021 3560
Vulnerability
WordPress

--

--

Raj Upadhyay
Raj Upadhyay

Written by Raj Upadhyay

191 Followers
54 Following

DFIR Consultant || #LoveToPlayCTF #infosec #cybersecurity #4n6

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams