RegistrationMagic – User Registration Plugin with Custom Registration Forms < 6.0.2.7 – Unauthenticated Privilege Escalation via Password Recovery | CVE 2024-10508 | Plugin Vulnerabilities

Description

The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updating a user's password. This makes it possible for unauthenticated attackers to reset the password of arbitrary users, including administrators, and gain access to these accounts.

Affects Plugins

custom-registration-form-builder-with-submission-manager

Fixed in 6.0.2.7

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/c4679fa7-be6b-4f50-8cdf-ff9822794f19

Miscellaneous

Original Researcher

shaman0x01

Verified

No

WPVDB ID

32420c25-eea4-44d2-8f87-7234d54f462d

Timeline

Publicly Published

2024-11-08 (about 1 year ago)

Added

2024-11-18 (about 1 year ago)

Last Updated

2024-11-18 (about 1 year ago)

Other

Published

Title

Published

2025-02-14

Title

Bit Assist < 1.5.3 - Subscriber+ Arbitrary File Read via fileID Parameter

Published

2025-10-14

Title

Binary MLM Plan < 5.0 - Unauthenticated Limited Privilege Escalation

Published

2013-06-21

Title

WordPress 3.5.1 - TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness

Published

2015-10-01

Title

Jetpack <= 3.7.0 - Information Disclosure

Published

2014-08-01

Title

WordPress 3.4 - 3.5.1 DoS in class-phpass.php