Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through <= 4.4.9.
AnalysisAI
A privilege escalation vulnerability exists in the wpeverest User Registration WordPress plugin through version 4.4.9 due to incorrect privilege assignment (CWE-266). This flaw allows authenticated or unauthenticated attackers to escalate their privileges within the plugin, potentially gaining administrative access or elevated capabilities. No CVSS score, EPSS data, or KEV status has been published, limiting quantification of real-world exploitation risk, though the vulnerability was reported by Patchstack and affects all installations running version 4.4.9 or earlier.
Technical ContextAI
The wpeverest User Registration plugin (CPE: cpe:2.3:a:wpeverest:user_registration:*:*:*:*:*:*:*:*) is a WordPress plugin that manages user registration workflows and capabilities. The vulnerability stems from CWE-266 (Incorrect Privilege Assignment), a category of flaws where the application fails to properly restrict user capabilities or roles. This occurs when the plugin assigns roles, permissions, or capabilities without adequate validation, allowing users to claim privileges they should not possess. The affected component likely resides in the role/capability assignment logic during user registration, profile updates, or administrative functions, enabling horizontal or vertical privilege escalation depending on the attack vector.
RemediationAI
Immediately upgrade the wpeverest User Registration plugin to a version newer than 4.4.9 (monitor vendor release notes at https://patchstack.com/database/Wordpress/Plugin/user-registration/vulnerability for available patches). Until patching is completed, enforce strict role-based access control (RBAC) policies through WordPress user capabilities filtering, restrict plugin functionality to trusted user roles via code or configuration, and consider temporarily disabling user self-registration features if the vulnerability is tied to that code path. Review and audit existing user accounts for unexpected privilege escalation, and monitor login logs for suspicious privilege-escalation attempts. If immediate patching is delayed, consider temporarily deactivating the plugin or using a Web Application Firewall (WAF) to rate-limit or block requests to plugin endpoints.
More in User Registration
View allThe User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hardcoded encryption key and
The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX ac
The User Registration WordPress plugin before 2.0.2 does not properly sanitise the user_registration_profile_pic_url val
The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1
The User Registration WordPress plugin before 3.0.4.2 does not sanitize and escape some of its settings, which could all
Unauthenticated availability-impacting broken access control affects the ThemeGrill User Registration WordPress plugin v
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Reg
The User Registration & Membership - Custom Registration Form, Login Form, and User Profile plugin for WordPress is vuln
Same weakness CWE-266 – Incorrect Privilege Assignment
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-15830
GHSA-9hpg-mwp6-rhmw