CVE-2017-20208

< 3.7.9.3

The RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable t

9.8CRITICAL

CVE-2024-9390

< 6.0.2.1

The RegistrationMagic WordPress plugin before 6.0.2.1 does not sanitise and escape some of its settings, which could allow high p

4.8MEDIUM

CVE-2025-24686

< 6.0.3.4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic

7.1HIGH

CVE-2023-49831

< 5.2.3.1

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows

7.5HIGH

CVE-2024-10508

< 6.0.2.7

The RegistrationMagic - User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege es

9.8CRITICAL

CVE-2024-43317

< 6.0.1.1

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Metagauss User Regist

4.3MEDIUM

CVE-2024-39643

< 6.0.0.2

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RegistrationMagic For

5.8MEDIUM

CVE-2023-51544

< 5.2.5.1

Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affe

5.3MEDIUM

CVE-2023-51543

< 5.2.5.1

Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constra

5.3MEDIUM

CVE-2024-33947

< 5.3.2.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic

7.1HIGH

CVE-2023-23989

< 5.1.9.3

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic.

5.3MEDIUM

CVE-2023-23976

< 5.1.9.3

Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained

7.5HIGH

CVE-2024-25935

< 5.2.6.0

Missing Authorization vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.2.5.9.

4.3MEDIUM

CVE-2024-1991

< 5.3.1.0

The RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable t

8.8HIGH

CVE-2024-1990

< 5.3.2.0

The RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable t

8.8HIGH

CVE-2024-2951

< 5.3.1.0

Cross-Site Request Forgery (CSRF) vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a thro

4.3MEDIUM

CVE-2024-29113

< 5.2.6.0

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic

7.1HIGH

CVE-2023-51509

<= 5.2.4.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic

7.1HIGH

CVE-2023-50846

<= 5.2.4.5

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RegistrationMagic Registrati

7.6HIGH

CVE-2023-47645

< 5.2.3.0

Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic - Custom Registration Forms, User Registrat

4.3MEDIUM

CVE-2023-2548

<= 5.2.0.5

The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.

6.6MEDIUM

CVE-2023-2499

<= 5.2.1.0

The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This

9.8CRITICAL

CVE-2023-25991

< 5.1.9.3

Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic plugin <= 5.1.9.2 versions.

5.4MEDIUM

CVE-2022-0420

< 5.0.2.2

The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id parameter before using it in a S

7.2HIGH

CVE-2021-24648

< 5.0.1.9

The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rm_search_value parameter before outputting

6.1MEDIUM

CVE-2021-24862

< 5.0.1.6

The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using i

7.2HIGH

CVE-2021-4073

<= 5.0.1.7

The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administra

9.8CRITICAL

CVE-2020-8436

all versions

XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rm_form_id, rm_tr, or form_name parameter.

6.1MEDIUM

CVE-2020-8435

all versions

An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rm_analytics_show_fo

8.1HIGH

CVE-2020-9458

<= 4.6.0.3

In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote authenticated users (with minimal

8.8HIGH

CVE-2020-9457

<= 4.6.0.3

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to import c

8.8HIGH

CVE-2020-9456

<= 4.6.0.3

In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote authenticated users (with minimal

8.8HIGH

CVE-2020-9455

<= 4.6.0.3

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arb

4.3MEDIUM

CVE-2020-9454

<= 4.6.0.3

A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on be

8.8HIGH