Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login 5.2.4.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: October 7, 2023

The RegistrationMagic plugin for WordPress is vulnerable to a security issue that makes it possible for attackers to inject malicious code into pages. This issue affects versions up to, and including, 5.2.4.1 and is caused by not properly checking user input and not escaping output. To exploit this vulnerability, attackers would need to trick a user into clicking on a link.

Detected in:

Registration Forms by RegistrationMagic – Custom User Registration for WordPress fixed vulnerable versions:
RegistrationMagic – Custom Registration Forms, User Registration, Payment and User Login fixed vulnerable versions:
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login fixed vulnerable versions: >= * < 5.2.4.2
RegistrationMagic – Custom User Registration Forms fixed vulnerable versions:
RegistrationMagic – Custom User Registration Forms Plugin fixed vulnerable versions:
RegistrationMagic – Custom User Registration Forms, Payment Forms, and User Login fixed vulnerable versions:
RegistrationMagic – User Registration Plugin with Custom Registration Forms fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.