Ultimate Member <= 1.3.75 is vulnerable to Unauthenticated Change Passwords

There is a patch available in v1.3.76 and we strongly recommend you update to this version as soon as possible.