Beware of User Role Security

I love ultimate member and the functionality it provides to a wordpress site, I am using premium functionality on some of my sites!

However, there is a massive configuration to be aware of when you install this plugin!

Every user registration is set to be automatically accepted by default, for every user role, including administrator.

Even after careful configuring of user roles, permissions and capabilities, installing the plugin overwrites the user registration process, setting it to automatically accept every registration.

Registration with capabilities being applied in this way are often overlooked by a lot of security plugins and a simple hack on the registration process can enable a user to gain administrator access to your site, even if your signup forms are role specific.

Definitely use Ultimate Member, Definitely treble check your signup/registration and user capability settings once installed