436 matches found
WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection
WordPress RegistrationMagic plugin before 5.0.1.6 contains an authenticated SQL injection vulnerability. The plugin does not escape user input in its rmchronosajax AJAX action before using it in a SQL statement when duplicating tasks in batches. An attacker can possibly obtain sensitive...
RegistrationMagic <= 5.0.1.7 - Authentication Bypass
RegistrationMagic WordPress plugin versions = 5.0.1.7 contain an authentication bypass caused by missing identity validation in socialloginusingemail, letting unauthenticated users log in as any site user, exploit requires knowing a valid username. id: CVE-2021-4073 info: name: RegistrationMagic ...
VulnCheck KEV: CVE-2025-15403
The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...
Exploit for CVE-2025-15403
CVE-2025-15403 RegistrationMagic = 6.0.7.1 - Unauthenticat...
CVE-2026-32498
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2026-32385
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
EUVD-2026-15845
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
EUVD-2026-15569
Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through = 6.0.7.1...
CVE-2026-32498
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2026-24373
Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through = 6.0.7.1...
CVE-2026-32498
CVE-2026-32498 is a Missing Authorization vulnerability in the RegistrationMagic plugin (RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login) affecting versions up to and including 6.0.7.6. The Wordfence report explicitly attributes the issue to broken access...
CVE-2026-32498 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2026-32498
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2026-32498 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2026-24373 WordPress RegistrationMagic plugin <= 6.0.7.1 - Account Takeover vulnerability
Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through = 6.0.7.1...
CVE-2026-24373
CVE-2026-24373: Affected software is Metagauss RegistrationMagic Custom Registration Forms, User Registration, Payment, and User Login (RegistrationMagic custom-registration-form-builder-with-submission-manager) version
CVE-2026-24373 WordPress RegistrationMagic plugin <= 6.0.7.1 - Account Takeover vulnerability
Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through = 6.0.7.1...
WordPress plugin RegistrationMagic 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
PT-2026-28012
Name of the Vulnerable Software and Affected Versions RegistrationMagic versions prior to 6.0.7.7 Description A missing authorization flaw exists in the RegistrationMagic custom-registration-form-builder-with-submission-manager. This issue allows exploitation of incorrectly configured access...
PT-2026-27855
Name of the Vulnerable Software and Affected Versions Metagauss RegistrationMagic versions through 6.0.7.1 Description An incorrect privilege assignment exists in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager, allowing for privilege escalation. The issue...