Privilege Escalation Vulnerability in RegistrationMagic Plugin for WordPress
CVE-2025-15403

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Registrationmagic – Custom Registration Forms, User Registration, Payment, And User Login
Vendor: CVE Published:; 17 January 2026

What is CVE-2025-15403?

The RegistrationMagic plugin for WordPress has a vulnerability that allows unauthenticated attackers to exploit the 'add_menu' function via the 'rm_user_exists' AJAX action. This flaw enables arbitrary updates to the 'admin_order' setting, permitting attackers to inject an empty slug into the order parameter. As a result, they can manipulate the plugin's menu generation logic. When the admin menu is built, the plugin incorrectly adds the 'manage_options' capability to the targeted user role, posing a significant risk of privilege escalation. Notably, to fully exploit this vulnerability, an attacker would need to have at least a subscriber user account.

Affected Version(s)

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login * <= 6.0.7.1

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/custom-registr...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 17, 2026
Vulnerability Reserved
Dec 31, 2025

Credit

Osvaldo Noe Gonzalez Del Rio

JSON