Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Filter by Categories

Critical SQLi Vulnerability Threatens over 200K WordPress Websites

Critical SQLi flaw (CVE-2024-1071) in WordPress Ultimate Member plugin affects over 200K sites. Exploit allows unauthenticated attackers to inject malicious SQL queries. Only users who enabled “Enable custom table for usermeta” option are affected. Plugin developers released version 2.8.3 on February 19 to fix the flaw. Wordfence has blocked one exploit attempt in the last 24 hours, so users should update promptly.



Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.