What is the CVSS score of CVE-2026-32385?

CVE-2026-32385 has a CVSS 3.1 base score of 5.4 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L. EPSS exploitation probability: 0.0%.

Which versions of Registrationmagic are affected by CVE-2026-32385?

CVE-2026-32385 presents moderate security risk, a missing authorization vulnerability rated CVSS 5.4. Attackers could gain access beyond their authorized level.

Registrationmagic CVE-2026-32385

Q: How to fix or mitigate CVE-2026-32385?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

EUVD-2026-11891 MEDIUM

Missing Authorization (CWE-862)

2026-03-13 Patchstack

Authentication Bypass Registrationmagic

5.4

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

5.4 MEDIUM

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

Low

Lifecycle Timeline

EUVD ID Assigned

Mar 13, 2026 - 16:57 euvd

EUVD-2026-11891

Analysis Generated

Mar 13, 2026 - 16:57 vuln.today

CVE Published

Mar 13, 2026 - 11:42 nvd

MEDIUM 5.4

DescriptionCVE.org

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through <= 6.0.7.6.

AnalysisAI

RegistrationMagic through version 6.0.7.6 contains a missing authorization vulnerability that allows authenticated users to modify data and cause service disruptions through improperly configured access controls. An attacker with valid credentials can bypass intended permission restrictions to perform unauthorized actions on form submissions and registration data. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	CVSS score of 5.4 (MEDIUM). Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Remediation	Monitor vendor advisories for patches. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-49764 CRITICAL Act Now

9.8 Jun 15

Authentication bypass in the RegistrationMagic WordPress plugin (versions up to and including 6.0.8.6) allows unauthenti

CVE-2026-32385 vulnerability details – vuln.today

Back