A newly discovered critical security flaw in the widely used WordPress User Registration & Membership plugin has exposed millions of websites to complete takeover attacks. Officially tracked as CVE-2026-1492, the vulnerability allows unauthenticated attackers to create administrator accounts without any user interaction. The flaw affects all plugin versions up to and including 5.1.2 and carries […] The post WordPress Membership Plugin Vulnerability Lets Attackers Create Admin Accounts appeared first on Cyber Security News.