CVE-2026-11802
The CVE covers the FoodBook Lite WordPress plugin (up to version 1.5.6). The registration() function exposed via the wp_ajax_nopriv_registration_action AJAX action lacks nonce verification, lacks capability checks, and does not honor WordPress users_can_register before calling wp_insert_user(). T...