PT-2026-7970 · WordPress · Registrationmagic
Brpsd
·
Published
2026-02-13
·
Updated
2026-02-13
·
CVE-2025-15520
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
RegistrationMagic WordPress plugin versions prior to 6.0.7.2
Description
The RegistrationMagic WordPress plugin does not properly validate capabilities when checking nonces, which can lead to the disclosure of sensitive data to users with subscriber-level access or higher.
Recommendations
Update RegistrationMagic WordPress plugin to version 6.0.7.2 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Registrationmagic