WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin
ID: ca00278a-0d97-5705-9476-1c36063d2419
STIX ID: report--ca00278a-0d97-5705-9476-1c36063d2419
Feed Name: securityonline.info
Threat Score
A critical privilege-escalation vulnerability (CVE-2026-1492, CVSS 9.8) in the User Registration & Membership WordPress plugin allows unauthenticated attackers to specify an administrative role during signup, resulting in full site compromise; administrators must update to version 5.1.3 or later to remediate.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.