CVE-2023-47645

Name of the Vulnerable Software and Affected Versions RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login versions n/a through 5.2.2.6

Description A Cross-Site Request Forgery (CSRF) issue affects the software, allowing unauthorized actions. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the vulnerability of the RegistrationMagic plugin to Cross Site Request Forgery.

Recommendations For versions n/a through 5.2.2.6, update to a version later than 5.2.2.6 to resolve the issue. As a temporary workaround, consider disabling the RegistrationMagic plugin until a patch is available. Restrict access to the vulnerable RegistrationMagic plugin to minimize the risk of exploitation.