Vulnerability in User Registration & Membership

CVE-2026-11965

The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users (after self-registering an account through the open regi…

Affected products

  • Unknown User Registration & Membership — versions 0

References