CVE-2026-1054

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

CVE-2026-1054

The CVE-2026-1054 entry corresponds to the RegistrationMagic WordPress plugin and is supported by multiple connected sources (Wordfence, PatchStack, CVE List). The detail across these sources states that versions up to and including 6.0.7.4 are vulnerable due to missing nonce verification and mis...

EUVD-2026-4918

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

WordPress Plugin RegistrationMagic has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...