CyberRota
← Ana sayfaya dön

CVE-2026-11965

MEDIUM · CVSS 6.5 EPSS %0.14

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-02T06:16:13.390 · Çekilme zamanı: 2026-07-02T18:27:51.492642+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-11965
Severity
MEDIUM
CVSS
6.5
EPSS
%0.14
WordPress

Orijinal NVD Açıklaması

The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users (after self-registering an account through the open registration flow) to obtain an active subscription on any paid plan without paying and access the gated content.