{"id":8740,"date":"2025-07-22T22:51:34","date_gmt":"2025-07-22T22:51:34","guid":{"rendered":"http:\/\/localhost\/?p=8740"},"modified":"2025-07-22T22:51:34","modified_gmt":"2025-07-22T22:51:34","slug":"omnishop-109-missing-registration-restriction-to-unauthenticated-account-creation-via-usersregister","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8740","title":{"rendered":"Omnishop <= 1.0.9 - Missing Registration Restriction to Unauthenticated Account Creation via \/users\/register REST Endpoint"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nOmnishop <= 1.0.9 - Missing Registration Restriction to Unauthenticated Account Creation via \/users\/register REST Endpoint<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-23T02:24:37.162Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-23T02:24:37.162Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nomnishop<\/td>\n<\/tr>\n
Product<\/th>\nOmnishop \u2013 Mobile shop apps complementing your WooCommerce webshop<\/td>\n<\/tr>\n
Version<\/th>\n*<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n5.3 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nThe Omnishop WordPress plugin allows unauthenticated users to bypass registration restrictions, enabling them to create user accounts without proper authorization. This vulnerability could lead to unauthorized access and potential security risks for sites using the plugin.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\nWordPress Community<\/td>\n<\/tr>\n
AI Product<\/th>\nOmnishop<\/td>\n<\/tr>\n
AI Version<\/th>\n1.0.9<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n