CVE-2026-2356

CVE-2026-2356 (User Registration & Membership – WordPress) is a discovered Insecure Direct Object Reference affecting the plugin up to version 5.1.2. The issue arises from missing validation on a user-controlled key (member_id/register_member), enabling unauthenticated deletion of newly created u...