CVE Catalog

CVE-2026-52701

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile — higher than 9% of all known CVEs

Summary

The User Registration plugin version 5.2.2 and earlier contains an unauthenticated broken access control vulnerability. An attacker without authentication can exploit this flaw to perform unauthorized actions.

Risk Assessment

The risk involves potential unauthorized access to user registration functions, which could lead to data integrity breaches and privilege escalation.

Recommendation

It is recommended to immediately update the User Registration plugin to the latest available version that addresses this vulnerability.

Original NVD description (English source)

Unauthenticated Broken Access Control in User Registration <= 5.2.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS