CVE-2026-46721 Broken Access Control in extension "Frontend User Registration" (sf_register)

The create and edit flows do not restrict which user properties may be submitted and do not enforce access control on the frontend user group assignment. As a result, an attacker can assign an arbitrary frontend user group to a newly registered or edited account, gaining unauthorized access to...

TYPO3 Extension Frontend User Registration 安全漏洞

TYPO3 Extension Frontend User Registration is an open-source extension for TYPO3 that handles user registration at the frontend level. There is a security vulnerability in TYPO3 Extension Frontend User Registration. This vulnerability stems from the lack of restrictions on the submission of user...

EUVD-2025-24942

Malicious code in bioql PyPI...

CVE-2024-4870

The Frontend Registration – Contact Form 7 plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1 due to insufficient restriction on the 'cf7frr' post meta. This makes it possible for authenticated attackers, with editor-level access and above, to modify...

WordPress Frontend Registration – Contact Form 7 plugin <= 5.1 - Authenticated (Editor+) Privilege Escalation vulnerability

Authenticated Editor+ Privilege Escalation vulnerability discovered by István Márton in WordPress Plugin Frontend Registration – Contact Form 7 versions = 5.1...

WordPress Frontend Registration – Contact Form 7 Plugin <= 5.1 is vulnerable to Privilege Escalation

Software Frontend Registration – Contact Form 7 Type Plugin Vulnerable versions = 5.1 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Privilege Escalation CVE CVE-2024-4870 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID e2e71615ce5d Credits István Márto...