CVE-2026-14250
Last modified
CVE-2026-14250 is a medium-severity vulnerability rated 6.3/10 on the CVSS scale. The Themehunk Login Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.2. This is due to the handle_frontend_register() function in the unauthenticated /thlogin/v1/register REST endpoint accepting a user-controlled 'role' parameter and validating it only against get_editable_roles() — which returns every defined editable site role, including 'editor' — before passing it to wp_insert_user().
Description
The Themehunk Login Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.2. This is due to the handle_frontend_register() function in the unauthenticated /thlogin/v1/register REST endpoint accepting a user-controlled 'role' parameter and validating it only against get_editable_roles() — which returns every defined editable site role, including 'editor' — before passing it to wp_insert_user(). This makes it possible for unauthenticated attackers, when public user registration is enabled, to create new accounts with the editor role.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| themehunk | TH Login Registration | <= 1.0.2 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14250?
How severe is CVE-2026-14250?
How do I fix CVE-2026-14250?
Related CVEs from 2026
- CVE-2026-1424A vulnerability was identified in PHPGurukul News Portal 1.0…7.2
- CVE-2026-14241Memory safety bugs present in Firefox 152.0.3. Some of these…9.8
- CVE-2026-14244The Jssor Slider by jssor.com plugin for WordPress is vulner…7.5
- CVE-2026-14245The miniOrange OTP Login, Verification and SMS Notifications…9.8
- CVE-2026-14249The Request a Quote plugin for WordPress is vulnerable to Co…7.5
- CVE-2026-1425A security flaw has been discovered in pymumu SmartDNS up to…6.3
- CVE-2026-14258A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router …6.5
- CVE-2026-1426The Advanced AJAX Product Filters plugin for WordPress is vu…8.8
- CVE-2026-14261A vulnerability in the Xerte Online Tools allows for authent…9.1
- CVE-2026-14265Deserialization of untrusted data in the RemoteQueryCachePlu…8.8
- CVE-2026-1427Single Sign-On Portal System developed by WellChoose has a O…8.8
- CVE-2026-14278Rejected reason: After further coordination, CVE was determi…
Are you affected by CVE-2026-14250?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
