WordPress RegistrationMagic plugin <= 5.2.3.0 - Broken Access Control vulnerability
CVE-2023-49831
7.5HIGH
What is CVE-2023-49831?
A missing authorization vulnerability exists in the user registration forms provided by the RegistrationMagic plugin from Metagauss. This flaw permits unauthorized users to exploit incorrectly configured access control security levels, potentially compromising sensitive data and user permissions. The vulnerability is present in all versions prior to 5.2.3.0, creating a significant security risk for WordPress sites utilizing the RegistrationMagic plugin.
Affected Version(s)
RegistrationMagic <= 5.2.3.0