RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login, CVE-2025-15520

CVE, Research URL: CVE-2025-15520
Home page URL: Security reports for RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
Application: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
Published on: Feb 13, 2026
Research Description: The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities, allowing for the disclosure of some sensitive data to subscribers and above.
Affected versions: max 6.0.7.2.
Status: vulnerable

RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login, CVE-2025-15520