RegistrationMagic
Metagauss
Developer
6.0.7.9
Latest version
9,000
Installations
No date
Last updated
Vulnerability history
0 present
40 patched
18 Mitigation rules
- Account Takeover vulnerability<= 6.0.7.16 days ago
- Subscriber+ Sensitive Data Disclosure vulnerability<= 6.0.7.27 days ago
- Broken Access Control vulnerability<= 6.0.7.6Feb 18, 2026
- WordPress RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login plugin <= 6.0.6.9 - Unauthenticated Payment Bypass via rm_process_paypal_sdk_payment vulnerability<= 6.0.6.9Feb 18, 2026
- Subscriber+ Form Creation vulnerability< 6.0.7.2Feb 16, 2026
- Missing Authorization to Unauthenticated Arbitrary Settings Modification vulnerability<= 6.0.7.4Jan 28, 2026
- Privilege Escalation via admin_order vulnerability<= 6.0.7.1Jan 19, 2026
- Cross Site Request Forgery (CSRF) vulnerability<= 6.0.6.9Jan 10, 2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via 'RM_Forms' Shortcode vulnerability<= 6.0.6.7Dec 15, 2025
- Authenticated (Administrator+) SQL Injection vulnerability<= 6.0.6.2Oct 7, 2025
- Stored XSS vulnerability< 6.0.2.1May 19, 2025
- Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability<= 6.0.4.3Apr 3, 2025
- Reflected Cross Site Scripting (XSS) vulnerability<= 6.0.3.3Jan 28, 2025
- Unauthenticated Privilege Escalation via Password Recovery vulnerability<= 6.0.2.6Nov 26, 2024
- Cross Site Scripting (XSS) vulnerability<= 6.0.1.0Aug 16, 2024
- Cross Site Scripting (XSS) vulnerability<= 6.0.0.1Aug 1, 2024
- Cross Site Scripting (XSS) vulnerability<= 5.3.2.0Apr 30, 2024
- Auth. SQL Injection (SQLi) vulnerability<= 5.3.1.0Mar 26, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 5.3.0.0Mar 26, 2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 5.2.5.9Mar 16, 2024
- Authenticated (Subscriber+) Privilege Escalation vulnerability<= 5.3.0.0Mar 14, 2024
- Broken Access Control vulnerability<= 5.2.5.9Feb 21, 2024
- Form Submission Limit Bypass vulnerability<= 5.2.5.0Dec 27, 2023
- IP Limit Bypass vulnerability<= 5.2.5.0Dec 27, 2023
- Reflected Cross Site Scripting (XSS) vulnerability<= 5.2.4.1Dec 27, 2023
- SQL Injection vulnerability<= 5.2.4.5Dec 21, 2023
- Broken Access Control vulnerability<= 5.2.3.0Dec 5, 2023
- Delete Form Submission Cross Site Request Forgery (CSRF) vulnerability<= 5.2.2.6Nov 27, 2023
- Authentication Bypass vulnerability<= 5.2.1.0May 16, 2023
- Multiple Cross Site Request Forgery (CSRF)<= 5.1.9.2Feb 17, 2023
- Arbitrary Price Change<= 5.1.9.2Jan 20, 2023
- Content Injection<= 5.1.9.2Jan 20, 2023
- Reflected Cross-Site Scripting (XSS) vulnerability<= 5.0.1.8Dec 28, 2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 5.0.1.8Dec 27, 2021
- Authentication Bypass vulnerability<= 5.0.1.7Dec 8, 2021
- SQL Injection (SQLi) vulnerability<= 5.0.1.5Dec 8, 2021
- Multiple Critical vulnerabilities<= 4.6.0.3Mar 5, 2020
- Multiple Cross-Site Scripting (XSS) vulnerabilities<= 4.6.0.1Jan 30, 2020
- Authenticated SQL Injection (SQLi) vulnerability<= 4.6.0.1Jan 30, 2020
- Unauthenticated PHP Object Injection vulnerability<= 3.7.9.2Oct 3, 2017