What the vulnerability does
01Description
Unauthenticated Broken Access Control in User Registration <= 5.1.2 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
What the vulnerability does
Unauthenticated Broken Access Control in User Registration <= 5.1.2 versions.
Explanation of Vulnerability in Simple Terms
ThemeGrill User Registration versions up to 5.1.2 lack proper authorization checks, allowing unauthenticated attackers to disrupt the site's availability. An attacker can send requests over the network without authentication to trigger a denial-of-service condition. Site administrators should update to a version newer than 5.1.2 immediately.
What an attacker can do
Make the site unavailable or unresponsive by sending network requests without logging in.
Potential impact on your site
Your site may become slow or unavailable if targeted; users cannot register or access the site.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities