Vulnerability in User Registration & Membership
CVE-2026-11965
The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users (after self-registering an account through the open regi…
Affected products
- Unknown User Registration & Membership — versions 0
References
- contact@wpscan.com (technical-description, exploit, vdb-entry)