A vulnerability was found in frankkoenen login_register Plugin up to 1.2.0 on WordPress. It has been declared as problematic. This impacts an unknown function of the component Setting Handler. The manipulation of the argument login_register_login_post results in cross-site request forgery.
This vulnerability was named CVE-2026-1503. The attack may be performed from remote. There is no available exploit.
It is recommended to upgrade the affected component.
