WordPress Plugin Vulnerabilities

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login < 5.3.1.0 - Authenticated (Subscriber+) Privilege Escalation

Description

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the update_users_role() function in all versions up to, and including, 5.3.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to escalate their privileges to that of an administrator

Affects Plugins

Plugin icon
custom-registration-form-builder-with-submission-manager
Fixed in 5.3.1.0

References

CVE
CVE-2024-1991
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/766e3966-157a-4db3-9179-813032343f76

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Krzysztof Zając
Verified
No
WPVDB ID
a06944e0-ef54-47d5-bc71-a664e2e6a3ad

Timeline

Publicly Published
2024-03-14 (about 2 years ago)
Added
2024-03-14 (about 2 years ago)
Last Updated
2024-03-14 (about 2 years ago)

Other

Published
Title
Published
2024-04-30
Title
Google Typography <= 1.1.2 - Missing Authorization
Published
2026-02-18
Title
Book Previewer for Woocommerce <= 1.0.6 - Missing Authorization
Published
2026-01-21
Title
Edwiser Bridge < 4.3.3 - Missing Authorization
Published
2024-12-14
Title
Popup Surveys & Polls for WordPress (Mare.io) <= 1.36 - Missing Authorization
Published
2025-06-23
Title
Abandoned Contact Form 7 < 2.9 - Missing Authorization