CVE-2025-14736
The Frontend Admin by DynamiApps plugin for WordPress
A critical privilege escalation vulnerability has been identified in the Frontend Admin by DynamiApps plugin for WordPress.
Executive summary
A critical privilege escalation vulnerability has been identified in the Frontend Admin by DynamiApps plugin for WordPress. This flaw allows an unauthenticated attacker to register a new user with administrator privileges, leading to a complete compromise of the affected website. Successful exploitation grants the attacker full control over the site's content, user data, and underlying server functions.
Vulnerability
The vulnerability exists due to insufficient input validation in the plugin's validate_value, pre_update_value, and get_fields_display functions. When a user registration form created by the plugin includes a "Role" field, the plugin fails to properly sanitize the role value submitted by the user. An unauthenticated attacker can manipulate the POST request during registration to supply a high-privilege role (e.g., 'administrator'), bypassing security checks and creating a new administrative account for themselves.
Business impact
This vulnerability is rated as critical severity with a CVSS score of 9.8. A successful exploit would result in a full compromise of the WordPress application. The business impact includes, but is not limited to, theft of sensitive customer or corporate data, website defacement, injection of malicious code to attack site visitors, significant reputational damage, and the potential for the compromised server to be used as a pivot point for further attacks against the internal network.
Remediation
Immediate Action: Update the 'Frontend Admin by DynamiApps' plugin to the latest available version (any version later than 3.28.25) without delay. After patching, conduct a thorough audit of all user accounts, specifically looking for any recently created administrator accounts that are unauthorized, and remove them immediately.
Proactive Monitoring: Review web server and application logs for suspicious POST requests to user registration endpoints, particularly those containing unexpected role parameters. Implement monitoring to alert on the creation of new user accounts with administrative privileges. Regularly scan for unexpected file changes on the web server.
Compensating Controls: If immediate patching is not feasible, consider the following mitigating actions:
- Disable any public-facing user registration forms created by the Frontend Admin plugin.
- Implement a Web Application Firewall (WAF) with rules to inspect and block registration attempts that try to manipulate the user role parameter.
- Temporarily deactivate the plugin until it can be safely updated.
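As an added example of the kind of compensating control listed above (this is not the plugin vendor's or WordPress's own code), the following must-use plugin caps the role that any account can receive unless the request comes from a logged-in user holding the promote_users capability, and logs every downgrade so the monitoring described under "Proactive Monitoring" can alert on it. It assumes a standard WordPress install, that the file is placed in wp-content/mu-plugins/, and that self-registered accounts should never receive more than the subscriber role.

```php
<?php
/**
 * Plugin Name: Role Cap for Self-Registration (added example, not vendor code)
 * Description: Compensating control: a request with no logged-in user able to
 * promote users may only yield a low-privilege role, whatever the form submits.
 * Place in wp-content/mu-plugins/ so it loads before regular plugins.
 */

// Roles an unprivileged request (e.g. anonymous self-registration) may receive.
const RCSR_ALLOWED_ROLES = array( 'subscriber' );
const RCSR_FALLBACK_ROLE = 'subscriber';

/**
 * Runs on 'set_user_role' (fired by WP_User::set_role(), which wp_insert_user()
 * uses) and on 'add_user_role' (fired by WP_User::add_role()), so it covers both
 * registration and a later direct role change made by a plugin.
 *
 * @param int      $user_id   Account whose role was just changed.
 * @param string   $role      Role that was assigned.
 * @param string[] $old_roles Roles held before the change (set_user_role only).
 */
function rcsr_enforce_role_cap( $user_id, $role, $old_roles = array() ) {
    // WP-CLI sessions have no logged-in user; exempt them so admin tooling keeps working.
    if ( defined( 'WP_CLI' ) && WP_CLI ) {
        return;
    }
    // Administrators and anyone else allowed to promote users are unaffected.
    if ( is_user_logged_in() && current_user_can( 'promote_users' ) ) {
        return;
    }
    // Allowed role: nothing to do. This check also stops recursion, because the
    // corrective set_role() below re-fires 'set_user_role' with the fallback role.
    if ( in_array( $role, RCSR_ALLOWED_ROLES, true ) ) {
        return;
    }
    $user = get_userdata( $user_id );
    if ( ! $user ) {
        return;
    }
    // Record the attempt in the PHP error log so it can feed an alert rule.
    error_log( sprintf(
        'rcsr: blocked role "%s" for user %d (%s) from %s; downgraded to %s',
        $role, $user_id, $user->user_login,
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown',
        RCSR_FALLBACK_ROLE
    ) );
    $user->set_role( RCSR_FALLBACK_ROLE ); // Replaces all roles with the fallback.
}
add_action( 'set_user_role', 'rcsr_enforce_role_cap', 10, 3 );
add_action( 'add_user_role', 'rcsr_enforce_role_cap', 10, 2 );
```

Cron jobs and other contexts without a logged-in user are also downgraded by this control, so exempt them the same way as WP-CLI if they legitimately assign roles; the control reduces exposure but does not replace the plugin update.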
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the critical CVSS score of 9.8 and the ability for an unauthenticated attacker to achieve a full site takeover, this vulnerability poses an immediate and severe risk to the organization. We strongly recommend that all instances of the affected plugin be updated to a patched version with the highest priority. The ease of exploitation means that automated attacks could begin at any time, and organizations should not wait for evidence of active exploitation before taking action.