CVE-2025-15027

JAY · JAY Login & Register plugin for WordPress

The JAY Login & Register plugin for WordPress allows unauthenticated privilege escalation to administrator by exploiting the 'jay_login_register_ajax_create_final_user' function.

Executive summary

Unauthenticated attackers can gain full administrative control over WordPress sites by exploiting a critical privilege escalation vulnerability in the JAY Login & Register plugin.

Vulnerability

This vulnerability exists because the plugin fails to restrict which user meta keys can be updated within the 'jay_login_register_ajax_create_final_user' function. This flaw allows an unauthenticated attacker to write arbitrary metadata to the account the function creates and thereby grant that account administrative privileges.

Business impact

A successful exploit results in a total compromise of the WordPress environment, allowing attackers to access sensitive customer data, modify site content, or deploy malware. The CVSS score of 9.8 reflects the critical nature of this flaw, as it requires no authentication and leads to complete loss of confidentiality, integrity, and availability. Failure to remediate could lead to significant legal liability and reputational damage.

Remediation

Immediate Action: Update the JAY Login & Register plugin to the latest patched version as soon as possible. If a patch is unavailable, deactivate and remove the plugin to prevent exploitation.

Proactive Monitoring: Review WordPress user tables for any unauthorized administrator accounts and inspect access logs for unusual requests directed at the 'jay_login_register_ajax_create_final_user' AJAX action.
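As an added example, not part of this advisory, the following script implements the access-log review suggested above: it parses web server log lines in Apache combined format, flags every request whose query string names the 'jay_login_register_ajax_create_final_user' action, and counts hits per source IP. The log lines are constructed for the example; note that a POST carrying the action only in its body is not visible in a standard access log, so such admin-ajax.php POSTs are bucketed separately for manual review.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (Apache combined format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2025:10:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=jay_login_register_ajax_create_final_user HTTP/1.1" 200 512 "-" "curl/8.4.0"
198.51.100.7 - - [10/Jan/2025:10:01:05 +0000] "GET /wp-login.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jan/2025:10:01:09 +0000] "POST /wp-admin/admin-ajax.php?action=jay_login_register_ajax_create_final_user HTTP/1.1" 200 512 "-" "curl/8.4.0"
192.0.2.9 - - [10/Jan/2025:10:02:00 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 100 "https://example.com/" "Mozilla/5.0"
192.0.2.9 - - [10/Jan/2025:10:02:03 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 60 "-" "Mozilla/5.0"
"""

SUSPECT_ACTION = "jay_login_register_ajax_create_final_user"  # from the advisory

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def classify(line):
    """("suspect", ip, ts, status) when the vulnerable action is in the query string;
    ("ajax_body_only", ...) for an admin-ajax.php POST whose action is not logged; else None."""
    m = LOG_RE.match(line)
    if not m or not m["path"].startswith("/wp-admin/admin-ajax.php"):
        return None
    action = parse_qs(urlsplit(m["path"]).query).get("action", [None])[0]
    if action == SUSPECT_ACTION:
        return ("suspect", m["ip"], m["ts"], int(m["status"]))
    if action is None and m["method"] == "POST":
        return ("ajax_body_only", m["ip"], m["ts"], int(m["status"]))
    return None

def scan_log(log_text):
    """Bucket each log line; returns {"suspect": [...], "ajax_body_only": [...]}."""
    buckets = {"suspect": [], "ajax_body_only": []}
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            buckets[hit[0]].append(hit[1:])
    return buckets

def sources(hits):
    """Count hits per client IP so repeated probing from one source stands out."""
    return Counter(ip for ip, _ts, _status in hits)

if __name__ == "__main__":
    result = scan_log(SAMPLE_LOG)
    for ip, ts, status in result["suspect"]:
        print(f"SUSPECT {ip} {ts} HTTP {status}")
    print("per-source:", dict(sources(result["suspect"])))
    print("admin-ajax POSTs with unlogged action (review separately):", len(result["ajax_body_only"]))
```

Any "suspect" hit should be correlated with the user table check above, since a 200 response alone does not prove the request succeeded.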

Compensating Controls: Implement a Web Application Firewall (WAF) with rules specifically designed to block unauthorized metadata update requests and restrict access to WordPress AJAX endpoints where possible.

Exploitation status

Public Exploit Available: false

Analyst recommendation

The severity of this vulnerability cannot be overstated; unauthenticated privilege escalation is a "worst-case" scenario for web applications. IT administrators must prioritize the update of this plugin across all managed WordPress instances. Immediate patching is the only effective way to mitigate the risk of full site takeover.