Lucene search
K

454 matches found

Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.9 views

PT-2026-5078

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rm set otp AJAX action handler. This makes it possible for unauthenticated attackers to modify...

5.3CVSS6AI score0.00232EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.5 views

WordPress Plugin RegistrationMagic has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00232EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.5 views

CVE-2026-24374

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

5.4CVSS5.4AI score0.00097EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.8 views

CVE-2026-24374

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

5.4CVSS0.00097EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.3 views

CVE-2026-24374 WordPress RegistrationMagic plugin <= 6.0.6.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

5.4CVSS5.4AI score0.00097EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.4 views

CVE-2026-24374

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

5.4CVSS5.3AI score0.00097EPSS
Exploits0References2
CVE
CVE
added 2026/01/22 4:52 p.m.16 views

CVE-2026-24374

CVE-2026-24374 is a CSRF vulnerability in the WordPress plugin family RegistrationMagic (specifically the Custom Registration Forms, User Registration, Payment, and User Login module—RegistrationMagic) affecting versions up to and including 6.0.6.9. Root cause: Cross-Site Request Forgery exposure...

5.4CVSS5.4AI score0.00097EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.22 views

CVE-2026-24374 WordPress RegistrationMagic plugin <= 6.0.6.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

5.4CVSS0.00097EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.12 views

PT-2026-4262

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

5.4AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

WordPress Plugin RegistrationMagic has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS5.7AI score0.00097EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/19 6:44 a.m.7 views

WordPress RegistrationMagic plugin <= 6.0.7.1 - Privilege Escalation via admin_order vulnerability

Privilege Escalation via adminorder vulnerability discovered by Os in WordPress Plugin RegistrationMagic versions = 6.0.7.1...

9.8CVSS5.4AI score0.00461EPSS
Exploits2References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/18 2:26 a.m.9 views

CVE-2025-15403

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...

9.8CVSS6.3AI score0.00461EPSS
Exploits2References1
NVD
NVD
added 2026/01/17 3:16 a.m.8 views

CVE-2025-15403

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...

9.8CVSS0.00461EPSS
Exploits2References4
EUVD
EUVD
added 2026/01/17 2:22 a.m.6 views

EUVD-2026-3164

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...

9.8CVSS5.8AI score0.00461EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/01/17 2:22 a.m.2 views

CVE-2025-15403 RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...

9.8CVSS5.9AI score0.00461EPSS
Exploits2References4
CVE
CVE
added 2026/01/17 2:22 a.m.32 views

CVE-2025-15403

CVE-2025-15403 affects the RegistrationMagic WordPress plugin (versions

9.8CVSS6AI score0.00461EPSS
In wildExploits2References4
ATTACKERKB
ATTACKERKB
added 2026/01/17 2:22 a.m.3 views

CVE-2025-15403

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...

9.8CVSS5.6AI score0.00461EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/01/17 2:22 a.m.22 views

CVE-2025-15403 RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...

9.8CVSS0.00461EPSS
Exploits2References4
CNNVD
CNNVD
added 2026/01/17 12:0 a.m.6 views

WordPress Plugin RegistrationMagic has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.9AI score0.00461EPSS
Exploits2References5
Patchstack
Patchstack
added 2026/01/10 10:25 p.m.6 views

WordPress RegistrationMagic plugin <= 6.0.6.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by 0xd4rk5id3 in WordPress Plugin RegistrationMagic versions = 6.0.6.9...

5.4CVSS5.4AI score0.00097EPSS
Exploits0Affected Software1
Rows per page
Query Builder