WordPress WordPress User Registration Rejects Invalid Input

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

WordPress WordPress User Registration Rejects Invalid Input

CVE-2026-26252

Summary

WordPress's user registration feature doesn't properly handle invalid input, allowing attackers to manipulate the registration process. This could potentially allow an attacker to create unauthorized user accounts. To mitigate this, update your WordPress installation to the latest version.

Original title

Rejected reason: Not used

Original description

Rejected reason: Not used

Published: 13 Feb 2026 · Updated: 10 Mar 2026 · First seen: 6 Mar 2026