CVE-2026-32488Incorrect Privilege Assignment in User Registration

CWE-266Incorrect Privilege Assignment3 documents3 sources
Severity
8.1HIGHNVD
EPSS
0.1%
top 82.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Wpeverest User Registration
Timeline
PublishedMar 25

Description

Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through <= 4.4.9.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages1 packages

CVEListV5wpeverest/user_registrationn/a<= 4.4.9

🔴Vulnerability Details

2
CVEList
WordPress User Registration plugin <= 4.4.9 - Privilege Escalation vulnerability2026-03-25
GHSA
GHSA-9hpg-mwp6-rhmw: Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation2026-03-25
CVE-2026-32488 — Incorrect Privilege Assignment | cvebase