A vulnerability in the popular Ultimate Member WordPress plugin enables account takeover by exposing password reset links. The flaw makes it possible for attackers with authenticated contributor-level ...