The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 (exclusive) via deserialization of untrusted input from the is_expired_by_date() function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to fetch a remote file and install it on the site.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMetagauss Registrationmagic
APPMetagauss< 3.7.9.3
Related vulnerabilities
RegistrationMagic WordPress — przejęcie konta przez nieprawidłową walidację tokenu resetowania hasła
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and inclu...
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, ...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagaus...
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submi...