CVE-2024-2417: 
WordPress vulnerability analysis and mitigation

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin is affected by a privilege escalation vulnerability (CVE-2024-2417) in versions up to and including 3.1.5. The vulnerability stems from a missing capability check in the formsaveaction() function, which was discovered and reported in May 2024 (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The issue exists due to a missing capability check in the formsaveaction() function, allowing authenticated users with subscriber-level access or higher to modify the registration form settings (Wordfence).

The vulnerability allows authenticated attackers with subscriber-level access or higher to update the registration form and set the default registration role to administrator. This enables attackers to subsequently register new accounts with administrator privileges, potentially leading to complete site compromise (NVD).

The vulnerability has been patched in a security update. Site administrators are strongly advised to update to the latest version of the plugin. The fix includes implementing proper capability checks in the formsaveaction() function (GitHub Commit).

The vulnerability was discovered through Wordfence's bug bounty program, resulting in a $2,063 bounty being awarded to the researcher (Wordfence).