Skip to main content

Registrationmagic Custom Registration Forms User Registration Payment And User Login

2 CVEs product

Monthly

CVE-2026-12158 HIGH This Week

Privilege escalation via Cross-Site Request Forgery in the RegistrationMagic WordPress plugin (all versions through 6.0.9.1) lets a remote attacker promote an arbitrary form submitter to administrator by forging a request to the process_request function, which lacks proper nonce validation. The attack plants a malicious Chronos automation task that later runs through WordPress cron, and it succeeds when a logged-in administrator is tricked into clicking an attacker-supplied link. No public exploit identified at time of analysis, and it is not listed in CISA KEV; risk is driven by the plugin's install base and the low technical bar of CSRF.

WordPress CSRF Registrationmagic Custom Registration Forms User Registration Payment And User Login
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-9242 MEDIUM This Month

Authentication bypass in the RegistrationMagic WordPress plugin (all versions through 6.0.8.6) permits an unauthenticated attacker with a prior legitimate payment transaction on the target site to obtain real WordPress session cookies for any user account, including administrators. The flaw exploits a fatally inverted processing order in the PayPal IPN callback handler: attacker-controlled POST data including the target user_id is written to the payment log database before PayPal IPN validation is performed, and the database poisoning persists even after validation subsequently rejects the forged notification. No public exploit has been identified at time of analysis and no CISA KEV listing exists, but the account-takeover impact makes this a critical priority for any site running the plugin with active PayPal payment integration.

WordPress Authentication Bypass Registrationmagic Custom Registration Forms User Registration Payment And User Login
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%
EPSS 0% CVSS 8.8
HIGH This Week

Privilege escalation via Cross-Site Request Forgery in the RegistrationMagic WordPress plugin (all versions through 6.0.9.1) lets a remote attacker promote an arbitrary form submitter to administrator by forging a request to the process_request function, which lacks proper nonce validation. The attack plants a malicious Chronos automation task that later runs through WordPress cron, and it succeeds when a logged-in administrator is tricked into clicking an attacker-supplied link. No public exploit identified at time of analysis, and it is not listed in CISA KEV; risk is driven by the plugin's install base and the low technical bar of CSRF.

WordPress CSRF Registrationmagic Custom Registration Forms User Registration Payment And User Login
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

Authentication bypass in the RegistrationMagic WordPress plugin (all versions through 6.0.8.6) permits an unauthenticated attacker with a prior legitimate payment transaction on the target site to obtain real WordPress session cookies for any user account, including administrators. The flaw exploits a fatally inverted processing order in the PayPal IPN callback handler: attacker-controlled POST data including the target user_id is written to the payment log database before PayPal IPN validation is performed, and the database poisoning persists even after validation subsequently rejects the forged notification. No public exploit has been identified at time of analysis and no CISA KEV listing exists, but the account-takeover impact makes this a critical priority for any site running the plugin with active PayPal payment integration.

WordPress Authentication Bypass Registrationmagic Custom Registration Forms User Registration Payment And User Login
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy