CVE 9.8 CRITICAL

User Registration Advanced Fields <= 1.6.20 - Unauthenticated Arbitrary File Upload_CVE-2026-4882

May 2, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload' function in all versions up to, and including, 1.6.20. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only be exploited if a "Profile Picture" field is added to the form.

AI Analysis

Unauthenticated arbitrary file upload vulnerability due to missing file type validation

Basic Information

ID CVE-2026-4882

Source Wordfence

Published May 2, 2026 at 04:27

Affected Product

Vendor WPEverest

Product User Registration Advanced Fields

Version 1.6.20

Affected Versions WPEverest User Registration Advanced Fields 0

CWE Classification

CWE-434

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor WPEverest

Product User Registration Advanced Fields

Version 1.6.20

References

{
    "lastseen": "",
    "description": "The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload' function in all versions up to, and including, 1.6.20. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only be exploited if a \"Profile Picture\" field is added to the form.",
    "published": "2026-05-02T04:27:46.466Z",
    "modified": "2026-05-02T04:27:46.466Z",
    "type": "cve",
    "title": "User Registration Advanced Fields <= 1.6.20 - Unauthenticated Arbitrary File Upload",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f2c6a377-216f-4d61-8fae-ec5bc2793cdf?source=cve\nhttps://wpuserregistration.com/features/advanced-fields/",
    "id": "CVE-2026-4882",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "WPEverest User Registration Advanced Fields 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "User Registration Advanced Fields",
    "version": "1.6.20",
    "vendor": "WPEverest",
    "ai_description": "Unauthenticated arbitrary file upload vulnerability due to missing file type validation",
    "ai_severity": "Critical",
    "ai_vendor": "WPEverest",
    "ai_product": "User Registration Advanced Fields",
    "ai_version": "1.6.20",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply