[CYBERDIGEST]
⊞ Dashboard ⚡ Intelligence 📝 Reports 📚 Global Threats 💻 Hack Lab 🗄️ Resources ⌬ 0xJerry's Lab
📡 RSS Feed
System Online

Tag

#CVE-2026-11963

articleHIGH 8.1

Critical Vulnerability in User Registration & Membership WordPress Plugin Allows Unauthorized Role Elevation

A high-severity vulnerability (CVE-2026-11963, CVSS 8.1) exists in the User Registration & Membership WordPress plugin prior to version 5.2.2. This flaw allows any authenticated user, including subscribers, to change another user's WordPress role and membership tier without proper authorization. The vulnerability has not been actively exploited but poses a significant risk due to its ease of exploitation and potential impact.

Jul 14, 20261 source