A vulnerability identified as critical has been detected in User Registration & Membership Plugin up to 5.1.2 on WordPress. This impacts an unknown function of the component User Registration Handler. This manipulation of the argument role causes Remote Code Execution.
This vulnerability is handled as CVE-2026-1492. The attack can be initiated remotely. There is not any exploit available.
