The Simple Membership plugin for WordPress has been found to have two security flaws that could result in privilege escalation issues, including unauthenticated users being able to register accounts with arbitrary membership levels and authenticated users being able to take over any member account through an insecure password reset process.
View full story…
Security Flaws in Simple Membership Plugin for WordPress Could Lead to Privilege Escalation
