WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...
Hosted on MSN

Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

WordFence disclosed critical RCE flaw (CVE-2025-6389) in Sneeit Framework plugin, affecting versions ≤8.3 Exploitation allows attackers to create admin accounts, install malicious plugins, and hijack ...

WordPress User Registration & Membership Plugin Vulnerability

Critical vulnerability affecting a WordPress user registration and membership plugin enables attackers to take full control of a website.
Bleeping Computer

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially ...
ZDNet

WordPress sites under attack as hacker group tries to create rogue admin accounts

A hacker group is exploiting vulnerabilities in more than ten WordPress plugins to create rogue admin accounts on WordPress sites across the internet. The attacks are an escalation part of a hacking ...