This vulnerability is a CSRF issue in the Custom Fields Account Registration For Woocommerce plugin (versions <= 1.1) by silverplugins217. It allows attackers to perform unauthorized actions by exploiting the trust a web application has in the user's browser. The CVSS 3.1 vector indicates the attack requires no privileges but does require user interaction, with low complexity and no confidentiality or availability impact, only limited integrity impact. No patch or official fix information is currently available.

Successful exploitation could allow an attacker to cause a logged-in user to perform unintended actions within the Woocommerce plugin context, potentially altering account registration fields or related settings. The impact is limited to integrity with no direct confidentiality or availability effects. There are no known active exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider implementing CSRF protection measures such as verifying nonces or tokens in requests if possible. Monitoring for plugin updates from silverplugins217 is recommended to apply any forthcoming official patches.