CVE-2026-0844
Privilege Escalation in WordPress Simple User Registration Plugin
Publication date: 2026-01-28
Last updated on: 2026-04-08
Assigner: Wordfence
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wp_user_registration | plugin | up to and including 6.7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Simple User Registration plugin for WordPress (versions up to and including 6.7). The plugin's 'profile_save_field' function writes the fields submitted with a profile update to the user's metadata without restricting which keys a low-privileged user may set (CWE-284, improper access control). WordPress keeps a user's role in the 'wp_capabilities' user-meta key (the name carries the site's table prefix, 'wp_' by default), so an authenticated user with minimal permissions, such as a subscriber, can include a 'wp_capabilities' parameter in a profile-update request and assign themselves any role, including administrator.
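The pattern behind this class of bug, as an added illustration that is not the Simple User Registration plugin's code: a simplified profile-save handler that copies every submitted field into user meta, beside a hardened version that allowlists profile fields, checks a nonce, and treats a role change as a separate privileged operation. The function names, the allowlisted field names and the nonce action are assumptions of this example; the WordPress API calls (update_user_meta, wp_verify_nonce, current_user_can, WP_User::set_role) are core's.

```php
<?php
/*
 * Added example (not the plugin's own code): the CWE-284 profile-save pattern
 * and its hardened counterpart. Requires a WordPress runtime for the core
 * functions it calls. Field names and the nonce action are assumptions.
 */

// VULNERABLE pattern: every submitted field becomes user meta for the current
// user. Nothing stops a subscriber from posting wp_capabilities, the meta key
// WordPress reads to decide a user's role, or wp_user_level.
function vulnerable_profile_save( array $post_data ) {
    $user_id = get_current_user_id();
    foreach ( $post_data as $key => $value ) {
        update_user_meta( $user_id, sanitize_key( $key ), $value );
    }
}

// HARDENED pattern: the handler decides which keys may be written (allowlist),
// verifies the request came from the plugin's own form (nonce), and only
// touches the role through a capability-gated path.
function hardened_profile_save( array $post_data ) {
    $user_id = get_current_user_id();
    if ( ! $user_id ) {
        return false;
    }
    // Assumed nonce action for this example's form.
    if ( empty( $post_data['_wpnonce'] )
        || ! wp_verify_nonce( $post_data['_wpnonce'], 'profile_save_' . $user_id ) ) {
        return false;
    }

    // Only these keys may be written from the profile form (assumed fields).
    // Anything else in the request, wp_capabilities included, is ignored.
    $allowed = array( 'first_name', 'last_name', 'description', 'phone' );
    foreach ( $allowed as $key ) {
        if ( ! isset( $post_data[ $key ] ) ) {
            continue;
        }
        update_user_meta( $user_id, $key, sanitize_text_field( wp_unslash( $post_data[ $key ] ) ) );
    }

    // A role change is a privileged operation: require the capability
    // WordPress itself uses for changing roles, and only accept known roles.
    if ( isset( $post_data['role'] ) ) {
        if ( ! current_user_can( 'promote_users' ) ) {
            return false;
        }
        $role = sanitize_key( $post_data['role'] );
        if ( ! get_role( $role ) ) {
            return false;
        }
        $user = new WP_User( $user_id );
        $user->set_role( $role ); // writes wp_capabilities through core, not raw meta
    }
    return true;
}
```

The allowlist is the actual fix: a denylist of "dangerous" keys would miss the prefixed variants on sites with a custom table prefix and any future key that turns out to be sensitive. The nonce check is defence in depth against cross-site request forgery, not a substitute for the allowlist, since the attacker here is a logged-in user submitting the form legitimately.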
How can this vulnerability impact me?
An attacker with minimal permissions can exploit this vulnerability to escalate their privileges, potentially gaining administrative or higher-level access. This can lead to unauthorized control over the WordPress site, including the ability to modify content, manage users, and compromise the site's integrity, confidentiality, and availability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Simple User Registration plugin for WordPress to a fixed release (the advisory lists versions up to and including 6.7 as affected). Until the update is applied, deactivate the plugin or disable its profile-update form: the flaw is in the server-side handler, and no user-permission setting stops an authenticated subscriber from adding an extra 'wp_capabilities' parameter to the request. After patching, audit the site's users for accounts whose role was raised unexpectedly, especially recently registered accounts that now hold administrator or editor, since an escalation performed before the fix persists in the database.
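An interim guard and a post-patch audit, as an added example that is not part of the advisory or of the plugin: a must-use plugin (a file dropped into wp-content/mu-plugins/) that vetoes writes to the role-bearing user-meta keys by any logged-in user who lacks the 'promote_users' capability, plus a helper that lists privileged accounts for review. The filter names and their argument order are WordPress core's ('update_user_metadata', 'add_user_metadata', 'delete_user_metadata'); the function names prefixed guard_ are this example's own.

```php
<?php
/**
 * Plugin Name: Block unprivileged role writes (interim guard)
 *
 * Added example, not the advisory's or the plugin's code. Short-circuits
 * user-meta writes to the role-bearing keys unless the acting user may
 * promote users. Assumes a WordPress runtime; guard_* names are this
 * example's own.
 */

// The role keys are table-prefixed: wp_capabilities / wp_user_level with the
// default prefix, but a custom $table_prefix changes them, so derive them.
function guard_is_role_meta_key( $meta_key ) {
    global $wpdb;
    $protected = array( $wpdb->prefix . 'capabilities', $wpdb->prefix . 'user_level' );
    return in_array( $meta_key, $protected, true );
}

// Core's update_{$meta_type}_metadata filter: returning null lets the write
// proceed, returning false vetoes it. The same shape serves add_/delete_.
function guard_user_meta_write( $check, $object_id, $meta_key, $meta_value, $extra = null ) {
    if ( null !== $check || ! guard_is_role_meta_key( $meta_key ) ) {
        return $check; // another filter already decided, or not a role key
    }
    $actor = get_current_user_id();
    // No logged-in actor (registration, WP-CLI, cron): not the vector in this
    // advisory, so core behaviour is left unchanged.
    if ( 0 === $actor ) {
        return $check;
    }
    // Administrators (who hold promote_users) keep the normal role UI.
    if ( current_user_can( 'promote_users' ) ) {
        return $check;
    }
    error_log( sprintf(
        'guard: blocked write of %s on user %d by user %d',
        $meta_key, (int) $object_id, $actor
    ) );
    return false;
}
add_filter( 'update_user_metadata', 'guard_user_meta_write', 10, 5 );
add_filter( 'add_user_metadata',    'guard_user_meta_write', 10, 5 );
add_filter( 'delete_user_metadata', 'guard_user_meta_write', 10, 5 );

// Audit helper for after the update: list accounts holding a privileged role,
// with registration date, so accounts escalated before the fix can be
// reviewed. Run with:  wp eval 'print_r( guard_list_privileged_users() );'
function guard_list_privileged_users( array $roles = array( 'administrator', 'editor' ) ) {
    $out = array();
    $users = get_users( array(
        'role__in' => $roles,
        'fields'   => array( 'ID', 'user_login', 'user_registered' ),
    ) );
    foreach ( $users as $u ) {
        $out[] = array(
            'ID'         => (int) $u->ID,
            'login'      => $u->user_login,
            'registered' => $u->user_registered,
            'roles'      => get_userdata( $u->ID )->roles,
        );
    }
    return $out;
}
```

The guard is a stop-gap, not a fix: it only covers writes that go through the metadata API, and it deliberately leaves unauthenticated code paths alone so registration and command-line administration keep working. Remove it once the plugin is updated, and check the PHP error log for blocked attempts, which are a direct indicator that someone probed the flaw.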