RegistrationMagic WordPress Plugin Allows Unrestricted Form Creation

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

RegistrationMagic WordPress Plugin Allows Unrestricted Form Creation

CVE-2026-0929

Summary

If you use the RegistrationMagic WordPress plugin, a security issue exists that could allow unauthorized users to create forms on your site. This could lead to malicious activity, such as spam or data theft. Update to version 6.0.7.2 or later to fix the issue.

Original title

The RegistrationMagic WordPress plugin before 6.0.7.2 does not have proper capability checks, allowing subscribers and above to create forms on the site.

Original description

The RegistrationMagic WordPress plugin before 6.0.7.2 does not have proper capability checks, allowing subscribers and above to create forms on the site.

nvd CVSS3.1 4.3

Vulnerability type

CWE-862 Missing Authorization

https://wpscan.com/vulnerability/c0f17d83-6199-4676-90ec-4fba1e7fcf0f/

Published: 16 Feb 2026 · Updated: 10 Mar 2026 · First seen: 6 Mar 2026