A vulnerability labeled as critical has been found in wpinsider-1 Simple Membership Plugin up to 4.7.5 on WordPress. This impacts an unknown function of the component Setting Handler . Executing a manipulation can lead to missing authorization. This vulnerability is tracked as CVE-2026-12093 . The attack can be launched remotely. No exploit exists.