Kubow

**Name of the Vulnerable Software and Affected Versions** The JNews - WordPress Newspaper Magazine Blog AMP Theme versions prior to 11.6.7 **Description** The issue arises from the theme not properly validating if the user can register option is enabled before creating a user through the `register handler()` function. This allows unauthenticated attackers to register as a user even when user registration is disabled. **Recommendations** For versions prior to 11.6.7, update to version 11.6.7 or later to resolve the issue. As a temporary workaround, consider disabling the `register handler()` function until a patch is available. Restrict access to user registration to minimize the risk of exploitation.