CVE-2026-1779
📋 TL;DR
This vulnerability allows unauthenticated attackers to bypass authentication in WordPress sites using the User Registration & Membership plugin. Attackers can log in as newly registered users who have the 'urm_user_just_created' meta flag set. All WordPress sites running vulnerable versions of this plugin are affected.
💻 Affected Systems
- WordPress User Registration & Membership plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain administrative access to WordPress sites, allowing them to install backdoors, modify content, steal data, or take complete control of the website.
Likely Case
Attackers gain access to user accounts with varying privilege levels, potentially accessing sensitive user data, posting malicious content, or escalating privileges.
If Mitigated
With proper monitoring and limited user privileges, impact is reduced to unauthorized access to low-privilege accounts only.
🎯 Exploit Status
The vulnerability is in the register_member function and requires the 'urm_user_just_created' user meta to be present, which occurs during user registration.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.1.3 or later
Vendor Advisory: https://plugins.trac.wordpress.org/browser/user-registration/tags/5.1.3/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'User Registration & Membership'.
4. Click 'Update Now' if available.
5. If no update appears, manually download version 5.1.3+ from WordPress.org and replace the plugin files.
🔧 Temporary Workarounds
Disable plugin
Temporarily disable the vulnerable plugin until patched (the plugin directory slug is user-registration, as in the vendor advisory URL above; adjust if your site installs it under a different directory name):
wp plugin deactivate user-registration
Block registration endpoints
Use a web application firewall to block access to the user registration endpoints until the plugin is patched.
🧯 If You Can't Patch
- Implement strict network access controls to limit who can access user registration functionality
- Enable detailed logging of all user registration and authentication events for monitoring
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > User Registration & Membership > Version. If version is 5.1.2 or lower, you are vulnerable.
Check Version:
wp plugin get user-registration --field=version
Verify Fix Applied:
After updating, verify plugin version shows 5.1.3 or higher in WordPress admin panel.
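The version check above is easy to get wrong when scripted, because a plain string comparison orders "5.1.10" before "5.1.3". The following added example (not vendor or advisory code) reads the installed version with the WP-CLI command shown in this advisory and compares it numerically against the 5.1.3 fix version; the plugin slug `user-registration` is taken from the vendor advisory URL and is an assumption about your install.

```python
"""Added example: decide whether an installed plugin version is below the
fixed release (5.1.3) named in this advisory.  Not vendor code."""
import re
import subprocess

FIXED_VERSION = "5.1.3"  # fix version stated in the advisory above


def parse_version(version: str) -> tuple:
    """Turn '5.1.2' into (5, 1, 2).  Only the leading dotted-numeric part is
    used; a pre-release suffix such as '-beta' is ignored, so treat such
    builds as unverified rather than patched."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", version)
    if not m:
        raise ValueError(f"unparseable version string: {version!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when installed < fixed.  Tuples compare element-wise, so
    (5, 1, 10) is correctly newer than (5, 1, 3)."""
    a, b = parse_version(installed), parse_version(fixed)
    n = max(len(a), len(b))
    a += (0,) * (n - len(a))  # pad so (5, 1) compares like (5, 1, 0)
    b += (0,) * (n - len(b))
    return a < b


def installed_plugin_version(slug: str = "user-registration") -> str:
    """Read the version via WP-CLI (the command given in this advisory).
    The slug is assumed from the vendor advisory URL; run from the
    WordPress root or add --path=... as your WP-CLI setup requires."""
    out = subprocess.run(
        ["wp", "plugin", "get", slug, "--field=version"],
        capture_output=True, text=True, check=True,
    )
    return out.stdout.strip()


if __name__ == "__main__":
    v = installed_plugin_version()
    status = "VULNERABLE" if is_vulnerable(v) else "patched"
    print(f"installed {v}: {status} (fix is {FIXED_VERSION} or later)")
```

Run it on each site host after updating; a result of "patched" for the installed version is the same check as the admin-panel verification above, just scriptable across many sites.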
📡 Detection & Monitoring
Log Indicators:
- Multiple failed login attempts followed by successful login from same IP
- User accounts logging in immediately after creation
- Unusual user registration patterns
Network Indicators:
- HTTP POST requests to /wp-admin/admin-ajax.php with action=register_member
- Multiple registration attempts from single IP
SIEM Query:
source="wordpress.log" AND ("register_member" OR "urm_user_just_created")
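The log indicators above can be turned into a small correlation check. The following added example (not part of the advisory) runs two of them over a constructed event log: a successful login within a minute of the same account's registration, and a burst of registrations from one IP. The log format (one event per line: ISO timestamp, client IP, event name, `user=<name>`) is an assumption; map your own plugin or auth log fields onto `parse_events` accordingly.

```python
"""Added example (not advisory code): apply the advisory's log indicators
to a constructed event log.  Format assumed here:
'<ISO-8601 timestamp> <client ip> <event> user=<name>'."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: one ordinary signup, then a burst of registrations
# each followed by an immediate login from a single address.
SAMPLE_LOG = """\
2026-02-10T12:00:01Z 198.51.100.4 register_member user=carol
2026-02-10T12:47:10Z 198.51.100.4 login_success user=carol
2026-02-10T13:00:00Z 203.0.113.7 register_member user=tmp01
2026-02-10T13:00:02Z 203.0.113.7 login_success user=tmp01
2026-02-10T13:00:30Z 203.0.113.7 register_member user=tmp02
2026-02-10T13:00:31Z 203.0.113.7 login_success user=tmp02
2026-02-10T13:01:05Z 203.0.113.7 register_member user=tmp03
2026-02-10T13:01:06Z 203.0.113.7 login_success user=tmp03
"""

LOGIN_AFTER_CREATE = timedelta(seconds=60)  # "logging in immediately after creation"
BURST_WINDOW = timedelta(minutes=5)         # "multiple registrations from single IP"
BURST_THRESHOLD = 3                         # tuning value, an assumption


def parse_events(text):
    """Parse the assumed line format into dicts; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, event, user = line.split()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "ip": ip,
            "event": event,
            "user": user.partition("=")[2],
        })
    return events


def find_indicators(events):
    """Return findings as tuples:
    ('login_right_after_registration', user, ip) or
    ('registration_burst', ip, count_in_window)."""
    findings = []
    created = {}                     # user -> timestamp of registration
    regs_by_ip = defaultdict(list)   # ip -> registration timestamps
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["event"] == "register_member":
            created[e["user"]] = e["ts"]
            regs_by_ip[e["ip"]].append(e["ts"])
        elif e["event"] == "login_success" and e["user"] in created:
            if e["ts"] - created[e["user"]] <= LOGIN_AFTER_CREATE:
                findings.append(("login_right_after_registration",
                                 e["user"], e["ip"]))
    for ip, times in regs_by_ip.items():
        # sliding window over the (already sorted) registration times
        for i, start in enumerate(times):
            count = sum(1 for t in times[i:] if t - start <= BURST_WINDOW)
            if count >= BURST_THRESHOLD:
                findings.append(("registration_burst", ip, count))
                break
    return findings


if __name__ == "__main__":
    for finding in find_indicators(parse_events(SAMPLE_LOG)):
        print(finding)
```

On the sample, carol's login 47 minutes after signup produces nothing, while each of the three tmp accounts is flagged and 203.0.113.7 is reported once for the burst; the thresholds are starting points to tune against your site's normal registration rate.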