RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege Escalation

Wordfence Intelligence > Vulnerability Database > RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege Escalation

8.8

Missing Authorization

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE	CVE-2024-1991
CVSS	8.8 (High)
Publicly Published	March 14, 2024
Last Updated	April 9, 2024
Researcher	Krzysztof Zając - CERT PL

Description

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the update_users_role() function in all versions up to, and including, 5.3.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to escalate their privileges to that of an administrator

References

Vulnerability Details for RegistrationMagic – User Registration Forms Plugin

RegistrationMagic – User Registration Forms Plugin

Software Type	Plugin
Software Slug	custom-registration-form-builder-with-submission-manager (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.3.1.0, or a newer patched version
Affected Version	<= 5.3.0.0
Patched Version	5.3.1.0

Recent vulnerabilities in RegistrationMagic – User Registration Forms Plugin

RegistrationMagic – User Registration Forms Plugin <= 6.0.8.6 - Missing Authorization

5.3

CVE-2026-49764

Jun 4, 2026

Researcher: James Paremain

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.6 - Missing Authorization

5.3

CVE-2026-32498

Mar 20, 2026

Researcher: Supakiad S. (m3ez)

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authentication Bypass

9.8

CVE-2026-24373

Mar 12, 2026

Researcher: 0xd4rk5id3

RegistrationMagic <= 6.0.7.6 - Missing Authorization

4.3

CVE-2026-32385

Feb 18, 2026

Researcher: Supakiad S. (m3ez)

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.9 - Unauthenticated Payment Bypass via rm_process_paypal_sdk_payment

5.3

CVE-2025-14444

Feb 17, 2026

Researcher: Md. Moniruzzaman Prodhan (NomanProdhan)

RegistrationMagic < 6.0.7.2 - Missing Authorization

4.3

CVE-2026-0929

Feb 16, 2026

Researcher: Maktoum (bRpsd)

RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification

5.3

CVE-2026-1054

Jan 27, 2026

Researcher: Md. Moniruzzaman Prodhan (NomanProdhan)

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authenticated (Subscriber+) Information Exposure

5.3

CVE-2025-15520

Jan 23, 2026

Researcher: Maktoum (bRpsd)

RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order

9.8

CVE-2025-15403

Jan 16, 2026

Researcher: Osvaldo Noe Gonzalez Del Rio (Os)

RegistrationMagic <= 6.0.6.9 - Cross-Site Request Forgery

4.3

CVE-2026-24374

Jan 10, 2026

Researcher: 0xd4rk5id3

#	Title	CVE ID	CVSS	Researchers	Date
1	RegistrationMagic – User Registration Forms Plugin <= 6.0.8.6 - Missing Authorization	CVE-2026-49764	5.3	James Paremain	June 4, 2026
2	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.6 - Missing Authorization	CVE-2026-32498	5.3	Supakiad S. (m3ez)	March 20, 2026
3	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authentication Bypass	CVE-2026-24373	9.8	0xd4rk5id3	March 12, 2026
4	RegistrationMagic <= 6.0.7.6 - Missing Authorization	CVE-2026-32385	4.3	Supakiad S. (m3ez)	February 18, 2026
5	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.9 - Unauthenticated Payment Bypass via rm_process_paypal_sdk_payment	CVE-2025-14444	5.3	Md. Moniruzzaman Prodhan (NomanProdhan)	February 17, 2026
6	RegistrationMagic < 6.0.7.2 - Missing Authorization	CVE-2026-0929	4.3	Maktoum (bRpsd)	February 16, 2026
7	RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification	CVE-2026-1054	5.3	Md. Moniruzzaman Prodhan (NomanProdhan)	January 27, 2026
8	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authenticated (Subscriber+) Information Exposure	CVE-2025-15520	5.3	Maktoum (bRpsd)	January 23, 2026
9	RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order	CVE-2025-15403	9.8	Osvaldo Noe Gonzalez Del Rio (Os)	January 16, 2026
10	RegistrationMagic <= 6.0.6.9 - Cross-Site Request Forgery	CVE-2026-24374	4.3	0xd4rk5id3	January 10, 2026

View more vulnerabilities in this software package View more vulnerabilities

This record contains material that is subject to copyright.

License: Defiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy. Read more.

License: CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy. Read more.

Have information to add, or spot any errors? Contact us at wfi-support@wordfence.com so we can make any appropriate adjustments.

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation