CVE-2026-0929
📋 TL;DR
The RegistrationMagic WordPress plugin before version 6.0.7.2 lacks proper capability checks, allowing users with subscriber-level permissions or higher to create forms on the site. This affects WordPress sites using vulnerable versions of the RegistrationMagic plugin.
💻 Affected Systems
- RegistrationMagic WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Subscriber-level users could create malicious forms to collect sensitive data, inject malicious scripts, or disrupt site functionality by creating excessive forms.
Likely Case
Subscribers create unwanted forms that clutter the site, potentially collecting unintended data or causing administrative overhead.
If Mitigated
With proper user role management and monitoring, impact is limited to minor site clutter that can be quickly cleaned up.
🎯 Exploit Status
Exploitation requires authenticated subscriber-level access. No public exploit code identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 6.0.7.2
Vendor Advisory: https://wpscan.com/vulnerability/c0f17d83-6199-4676-90ec-4fba1e7fcf0f/
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find RegistrationMagic plugin. 4. Click 'Update Now' if available, or download version 6.0.7.2+ from WordPress repository. 5. Activate updated plugin.
🔧 Temporary Workarounds
Temporarily Disable Plugin
allDeactivate RegistrationMagic plugin until patched
wp plugin deactivate registrationmagic
Restrict User Capabilities
allUse role management plugin to remove form creation capabilities from subscribers
🧯 If You Can't Patch
- Monitor form creation logs and audit all existing forms regularly
- Implement web application firewall rules to detect suspicious form creation patterns
🔍 How to Verify
Check if Vulnerable:
Check RegistrationMagic plugin version in WordPress admin under Plugins → Installed PluginsCheck Version:
wp plugin get registrationmagic --field=versionVerify Fix Applied:
Confirm plugin version is 6.0.7.2 or higher📡 Detection & Monitoring
Log Indicators:
- Unexpected form creation events by non-admin users
- Multiple form creation attempts from subscriber accounts
Network Indicators:
- POST requests to form creation endpoints from non-privileged user sessions
SIEM Query:
source="wordpress" AND event="form_creation" AND user_role="subscriber"