CVE-2026-1492

This PHP script automates the exploitation of a vulnerability in a WordPress registration system, likely involving improper nonce validation or privilege escalation. It interacts with the target site's registration form, extracts necessary tokens, and submits crafted data to elevate user privileges.

This repository contains a functional exploit for CVE-2026-1492, targeting a WordPress membership plugin. The script automates user registration, membership escalation, and admin privilege acquisition through a chain of HTTP requests.

This repository contains a functional exploit for CVE-2026-1492, a privilege escalation vulnerability in the WordPress User Registration & Membership plugin. The exploit leverages improper validation of user-controlled input to assign arbitrary roles, including administrator, during the membership registration process.

The repository claims to contain a PoC for CVE-2026-1492 but only provides a vague description and a link to an external download (satoshidisk.com). No actual exploit code or technical details are included.

This PHP script automates the exploitation of CVE-2026-1492 by interacting with a WordPress registration form, extracting nonces and security tokens, and submitting crafted requests to elevate user privileges. It demonstrates an authentication bypass leading to privilege escalation.

This PHP script automates the exploitation of CVE-2026-1492 by interacting with a WordPress registration form, extracting nonces and security tokens, and submitting crafted requests to elevate a user's role to administrator. It demonstrates an authentication bypass leading to privilege escalation.