RegistrationMagic < 6.0.7.5 – Missing Authorization to Unauthenticated Arbitrary Settings Modification | CVE 2026-1054 | Plugin Vulnerabilities

Description

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rm_set_otp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrary plugin settings, including reCAPTCHA keys, security settings, and frontend menu titles.

Affects Plugins

custom-registration-form-builder-with-submission-manager

Fixed in 6.0.7.5

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/daf4d246-85f3-48b3-985f-982fea4772f1

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Md. Moniruzzaman Prodhan (NomanProdhan)

Verified

No

WPVDB ID

b9ab1fb6-7582-400b-9de9-2fb22f3e180a

Timeline

Publicly Published

2026-01-27 (about 4 months ago)

Added

2026-01-27 (about 4 months ago)

Last Updated

2026-01-28 (about 4 months ago)

Other

Published

Title

Published

2024-08-12

Title

Leopard - WordPress offload media <= 2.0.36 - Missing Authorization to Authenticated (Subscriber+) Settings Update

Published

2026-01-26

Title

RegistrationMagic < 6.0.7.2 - Subscriber+ Form Creation

Published

2024-05-29

Title

Yumpu ePaper publishing < 3.0.0 - Missing Authorization to PDF Upload, Publishing, and API Key Modification

Published

2024-12-02

Title

AIO Contact <= 2.8.1 - Missing Authorization

Published

2024-07-01

Title

LearnPress – WordPress LMS Plugin < 4.2.6.8.2 - Missing Authorization to Unauthenticated User Registration Bypass