Metagauss Registrationmagic – Custom Registration Forms, User Registration, Payment, And User Login

13 CVEs affecting Metagauss Registrationmagic – Custom Registration Forms, User Registration, Payment, And User Login. Latest disclosed: 2026-02-18. Critical: 4, High: 4.

Top CVEs affecting Metagauss Registrationmagic – Custom Registration Forms, User Registration, Payment, And User Login
CVE	Severity	Score	Published	Summary
`CVE-2025-15403`	Critical	`9.8`	2026-01-17	The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'add_menu' f…
`CVE-2017-20208`	Critical	`9.8`	2025-10-18	The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all…
`CVE-2024-10508`	Critical	`9.8`	2024-11-09	The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover…
`CVE-2023-2499`	Critical	`9.8`	2023-05-16	The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verifi…
`CVE-2024-1991`	High	`8.8`	2024-04-09	The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to privilege escalation due to…
`CVE-2024-1990`	High	`8.8`	2024-04-09	The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to blind SQL Injection via the…
`CVE-2025-11204`	High	`7.2`	2025-10-08	The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to SQL Injection in all versio…
`CVE-2023-51509`	High	`7.1`	2024-02-01	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic – Custom Registration Forms…
`CVE-2023-2548`	Medium	`6.6`	2023-05-16	The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plu…
`CVE-2025-13610`	Medium	`6.4`	2025-12-15	The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting…
`CVE-2025-2836`	Medium	`6.4`	2025-04-04	The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting…
`CVE-2025-14444`	Medium	`5.3`	2026-02-18	The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to payment bypass due to insuf…
`CVE-2026-1054`	Medium	`5.3`	2026-01-28	The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verif…