Recently, the Wordfence Threat Intelligence team announce a critical vulnerability in the Litespeed Cache plugin. This is a privilege escalation vulnerability, which means that an attacker who gains access as a low level user can exploit the vulnerability to gain admin rights on an affected site.
I am pointing this out because I know a lot of WP-Members’ users also utilize cache plugins, which can include Litespeed Cache. If you’re one of those users, please make sure that you update your version of Litespeed cache to a version higher than 6.3.0.1 as all other versions are vulnerable.
You can read more about this reported vulnerability here: