The RegistrationMagic plugin for WordPress, which is used for creating custom registration forms, user registration, payment, and user login, has a security vulnerability. This means that unauthorized individuals could potentially access sensitive information from the database. The vulnerability is present in all versions up to and including 6.0.6.2 and is caused by inadequate protection of user input and insufficient preparation of SQL queries. This could potentially allow attackers with administrator access or higher to manipulate existing queries and extract sensitive data. Even unauthenticated attackers could exploit this vulnerability by injecting malicious code through the form submission.