EUVD-2026-15845

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

CVE-2026-32498

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

CVE-2026-32498

CVE-2026-32498 is a Missing Authorization vulnerability in the RegistrationMagic plugin (RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login) affecting versions up to and including 6.0.7.6. The Wordfence report explicitly attributes the issue to broken access...

CVE-2026-32498 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

CVE-2026-32498

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

CVE-2026-24373

CVE-2026-24373: Affected software is Metagauss RegistrationMagic Custom Registration Forms, User Registration, Payment, and User Login (RegistrationMagic custom-registration-form-builder-with-submission-manager) version

PT-2026-27855

Name of the Vulnerable Software and Affected Versions Metagauss RegistrationMagic versions through 6.0.7.1 Description An incorrect privilege assignment exists in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager, allowing for privilege escalation. The issue...

EUVD-2026-11891

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

CVE-2026-32385 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

CVE-2026-32385 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

CVE-2026-24374

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

CVE-2025-14976 User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.8. This is due to missing or incorrect nonce...

CVE-2024-2417

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the formsaveaction function in all versions up to, and including, 3.1.5. This makes it possible for...

CVE-2024-2417 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the formsaveaction function in all versions up to, and including, 3.1.5. This makes it possible for...

VulnCheck KEV: CVE-2024-2417

The User Registration - Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the formsaveaction function in all versions up to, and including, 3.1.5. This makes it possible for...

WooCommerce Custom Registration Form <= 1.0.4 - Arbitrary Field Deletion and Form Modification via CSRF

The plugin does not properly check for CSRF in its delfield and savealldata AJAX actions, allowing attacker to make logged in user call them via a CSRF attack PoC To delete a field from the Registration Form: To change the whole Registration Form:...

User Registration <= 1.5.5 - Authenticated Cross-Site Scripting (XSS)

The User Registration – Custom Registration Form, Login And User Profile For WordPress WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability. PoC...