A vulnerability classified as critical was found in User Registration & Membership Plugin up to 5.2.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation results in authorization bypass.

This vulnerability is cataloged as CVE-2026-11966. The attack may be launched remotely. There is no exploit available.