Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login 3.7.9.3

  • Severity: critical
  • Status: Fixed
  • Publication: October 2, 2017

The RegistrationMagic-Custom Registration Forms plugin for WordPress had a vulnerability in versions up to, and including, 3.7.9.2. This vulnerability allowed attackers to make a website fetch a remote file. This could have allowed attackers to access information that they should not have access to. Fortunately, this vulnerability has been patched in the latest version of the plugin.

Detected in:

Registration Forms by RegistrationMagic – Custom User Registration for WordPress fixed vulnerable versions:
RegistrationMagic – Custom Registration Forms, User Registration, Payment and User Login fixed vulnerable versions:
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login fixed vulnerable versions: >= * < 3.7.9.3
RegistrationMagic – Custom User Registration Forms fixed vulnerable versions:
RegistrationMagic – Custom User Registration Forms Plugin fixed vulnerable versions:
RegistrationMagic – Custom User Registration Forms, Payment Forms, and User Login fixed vulnerable versions:
RegistrationMagic – User Registration Plugin with Custom Registration Forms fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.