Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login 5.2.5.9

  • Severity: medium-risk
  • Status: Fixed
  • Publication: February 20, 2024

A popular plugin for WordPress called RegistrationMagic has a security issue that could allow unauthorized individuals to change the default payment method without permission. This vulnerability affects all versions of the plugin up to version 5.2.5.9. This is because the plugin does not properly validate certain information, making it possible for hackers to manipulate the system and trick users into unknowingly making changes.

Detected in:

Registration Forms by RegistrationMagic – Custom User Registration for WordPress fixed vulnerable versions:
RegistrationMagic – Custom Registration Forms, User Registration, Payment and User Login fixed vulnerable versions:
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login fixed vulnerable versions: >= * <= 5.2.5.9
RegistrationMagic – Custom User Registration Forms fixed vulnerable versions:
RegistrationMagic – Custom User Registration Forms Plugin fixed vulnerable versions:
RegistrationMagic – Custom User Registration Forms, Payment Forms, and User Login fixed vulnerable versions:
RegistrationMagic – User Registration Plugin with Custom Registration Forms fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.