I’d start by testing without the cache.
It would be extremely odd for this to occur – at least when just WP and WP-Members are involved. WP-Members uses WP’s wp_signon() function to authenticate the user which provides the user ID to set the user as logged in using wp_set_current_user(). These are core WP functions and I have never heard of a different user being set as logged in (and I’ve been doing this a long time). There has to be something else at play here. I would initially suspect a cache issue.
Other things to look at and consider:
* are the users reporting this using a shared computer (i.e. are they seeing the account of another user who uses that same physical machine)? And if so, are they sure they logged out?
* Usernames and emails must be unique. However, there is no mechanism that checks an email provided as a username against already existing emails if the user used a different email for the email input. Since login can be by email or username, that could be a possibility that could confuse things. However, the passwords for the account would have to be exactly the same as well. This is similar to the above – related users.
So I would recommend reaching out to the users involved to get more information on what occurred and what they saw.
If you’re not able to reproduce the issue (and I would be surprised if you could since this seems highly probable to be user error or related in some way to the end users involved), then I would also recommend testing with any other user oriented plugins disabled to see if you can isolate where the problem originates or occurs.
