The WP User Frontend plugin for WordPress has a security issue that could allow someone to become an administrator without the correct credentials. This is because versions up to 3.5.28 of the plugin don’t properly check a user’s role when it processes their registration. This means that if an attacker has access to certain values from the wp-config.php file