Security researchers at Defiant reported finding a bug in User Registration & Membership, a WordPress plugin which helps admins create subscription plans, control user access, and ...