Signup Page plugin CVE-2024-50475
CRITICALSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation.This issue affects Signup Page: from n/a through <= 1.0.
AnalysisAI
Privilege escalation in Scott Gamon's Signup Page WordPress plugin (versions up to and including 1.0) allows remote unauthenticated attackers to elevate privileges due to a missing authorization check (CWE-862). With a CVSS score of 9.8 and an EPSS score of 31.97% (97th percentile), this represents an elevated exploitation likelihood, though no public exploit is identified at time of analysis.
Technical ContextAI
The Signup Page plugin is a WordPress extension developed by Scott Gamon that handles user signup functionality. The root cause is CWE-862 (Missing Authorization), where the application fails to perform an authorization check before granting access to a sensitive function or resource. In the context of a signup/registration plugin, this typically means privileged actions (such as setting user roles or capabilities during registration) are exposed without proper capability checks via WordPress's current_user_can() or nonce verification mechanisms, allowing attackers to bypass the intended privilege model.
Affected ProductsAI
Scott Gamon Signup Page plugin for WordPress, all versions from n/a through and including 1.0 are affected. No CPE string was provided in the available data. The vendor advisory was not provided in references, but Patchstack typically publishes details at patchstack.com given audit@patchstack.com is the CNA for this CVE.
RemediationAI
No vendor-released patch identified at time of analysis - version 1.0 is the latest affected version with no fixed version disclosed in the available data. As a primary compensating control, deactivate and uninstall the Signup Page plugin until a patched release is published, since the affected functionality is the plugin's core purpose and partial mitigation is not feasible. If the plugin must remain active, restrict access to the WordPress registration endpoints via web application firewall rules (Patchstack, Wordfence, or equivalent virtual patching) and disable open user registration in WordPress Settings > General by unchecking 'Anyone can register,' though this may not block the vulnerable codepath if it bypasses standard registration. Monitor the Patchstack advisory database and the plugin's repository page on wordpress.org for a fixed version release.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today