A vulnerability classified as critical was found in Divi Engine Divi Form Builder Plugin up to 5.1.8. Impacted is the function update_user/handle_register_submission of the component User Account Management. The manipulation of the argument User ID results in missing authorization.

This vulnerability was named CVE-2026-5523. The attack may be performed from remote. There is no available exploit.