N/A
2026-01-27< 6.0.7.5
RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification
RegistrationMagic – User Registration Forms Plugin
Vulnerabilities 59Slug custom-registration-form-builder-with-submission-managerLatest version 6.0.8.6WordPress.org →
Minimum safe version
6.0.7.7
Update to 6.0.7.7 or later to address 59 fixable vulnerabilities
Latest available6.0.8.6 ✓
Medium 4.3
2026-02-16< 6.0.7.2
RegistrationMagic < 6.0.7.2 - Missing Authorization
High 7.5
2026-03-25< 6.0.7.7
CVE-2026-32498
High 8.1
2026-03-25< 6.0.7.2
CVE-2026-24373
Medium 5.4
2026-03-13< 6.0.7.7
CVE-2026-32385
Medium 5.3
2026-02-18< 6.0.7.0
CVE-2025-14444
Medium 4.3
2026-02-13< 6.0.7.2
CVE-2025-15520
Medium 5.4
2026-01-22< 6.0.7.0
CVE-2026-24374
Critical 9.8
2026-01-17< 6.0.7.2
CVE-2025-15403
Medium 6.4
2025-12-15< 6.0.6.8
CVE-2025-13610
Critical 9.8
2025-10-18< 3.7.9.3
CVE-2017-20208
High 7.2
2025-10-08< 6.0.6.3
CVE-2025-11204
Medium 4.8
2025-05-15< 6.0.2.1
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting
Medium 6.4
2025-04-04< 6.0.4.4
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting
High 7.1
2025-01-31< 6.0.3.4
CVE-2025-24686
Critical 9.8
2024-11-26< 6.0.2.7
WordPress RegistrationMagic Plugin <= 6.0.2.6 is vulnerable to Privilege Escalation
Medium 6.1
2024-08-19< 6.0.1.1
CVE-2024-43317
Medium 6.1
2024-08-01< 6.0.0.2
CVE-2024-39643
Medium 6.1
2024-05-03< 5.3.2.1
CVE-2024-33947
High 8.8
2024-04-09< 5.3.2.0
CVE-2024-1990
Medium 4.3
2024-03-26< 5.3.1.0
CVE-2024-2951
High 7.1
2024-03-19< 5.2.6.0
CVE-2024-29113
High 8.8
2024-04-09< 5.3.1.0
CVE-2024-1991
Medium 4.3
2024-03-21< 5.2.6.0
CVE-2024-25935
N/A
2024-02-20< 5.2.6.0
RegistrationMagic <= 5.2.5.9 - Cross-Site Request Forgery
High 7.1
2024-12-27< 5.2.4.2
WordPress RegistrationMagic Plugin <= 5.2.4.1 is vulnerable to Cross Site Scripting (XSS)
Medium 5.3
2024-12-27< 5.2.5.1
WordPress RegistrationMagic Plugin <= 5.2.5.0 is vulnerable to Bypass Vulnerability
Medium 5.3
2024-12-27< 5.2.5.1
WordPress RegistrationMagic Plugin <= 5.2.5.0 is vulnerable to Bypass Vulnerability
High 7.6
2024-12-21< 5.2.4.6
WordPress RegistrationMagic Plugin <= 5.2.4.5 is vulnerable to SQL Injection
High 7.5
2024-12-09< 5.2.3.1
CVE-2023-49831
Medium 4.3
2023-11-30< 5.2.3.0
CVE-2023-47645
N/A
2023-10-07< 5.2.4.2
RegistrationMagic <= 5.2.4.1 - Reflected Cross-Site Scripting via section_id
High 7.2
2023-05-16< 5.2.1.0
CVE-2023-2548
Critical 9.8
2023-05-16< 5.2.1.1
CVE-2023-2499
Medium 5.4
2023-03-13< 5.1.9.3
CVE-2023-25991
Medium 5.3
2024-04-24< 5.1.9.3
CVE-2023-23989
High 7.5
2024-04-24< 5.1.9.3
CVE-2023-23976
N/A
2017-10-02< 3.7.9.3
RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection
N/A
2017-12-10< 3.8.0.9
RegistrationMagic - Custom Registration Forms <= 3.8.0.4 - SQL Injection
N/A
2017-12-10< 3.8.0.9
RegistrationMagic - Custom Registration Forms <= 3.7.9.4 - Reflected Cross-Site Scripting
N/A
< 3.7.9.3
wpscan.com
N/A
< 3.8.0.9
RegistrationMagic - Custom Registration Forms <= 3.8.0.4 - Authenticated SQL Injection
N/A
< 3.8.0.9
RegistrationMagic - Custom Registration Forms <= 3.8.0.4 - Authenticated Reflected XSS
N/A
< 5.0.1.9
Registration Magic < 5.0.1.9 - Reflected Cross-Site Scripting
N/A
2017-10-03< 3.7.9.3
WordPress RegistrationMagic-Custom Registration Forms plugin <= 3.7.9.2 - Unauthenticated PHP Object Injection vulnerability
N/A
2020-01-30< 4.6.0.3
WordPress RegistrationMagic plugin <= 4.6.0.1 - Authenticated SQL Injection (SQLi) vulnerability
N/A
2020-03-05< 4.6.0.4
WordPress RegistrationMagic plugin <= 4.6.0.3 - Multiple Critical vulnerabilities
N/A
2021-12-27< 5.0.1.9
WordPress RegistrationMagic plugin <= 5.0.1.8 - Reflected Cross-Site Scripting (XSS) vulnerability
High 8.8
2020-03-06< 4.6.0.4
CVE-2020-9458
High 8.8
2020-03-06< 4.6.0.4
CVE-2020-9457
High 8.8
2020-03-06< 4.6.0.4
CVE-2020-9456
Medium 4.3
2020-03-06< 4.6.0.4
CVE-2020-9455
High 8.8
2020-03-06< 4.6.0.4
CVE-2020-9454
Medium 6.1
2020-03-12< 4.6.0.3
CVE-2020-8436
High 8.1
2020-03-12< 4.6.0.3
CVE-2020-8435
High 8.1
2021-12-14< 5.0.2.2
CVE-2021-4073
High 7.2
2022-01-23< 5.0.1.6
RegistrationMagic <= 5.0.1.5 - SQL Injection
Medium 6.1
2022-02-01< 5.0.2.2
CVE-2021-24648
High 7.2
2022-03-07< 5.0.2.2
CVE-2022-0420