CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.7.9.3 (exclusive) via deserialization of untrusted input from the is_expired_by_date() function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to fetch a remote file and install it on the site.
Explanation of Vulnerability in Simple Terms
RegistrationMagic versions before 3.7.9.3 deserialize untrusted data without validation, allowing an attacker to run their own PHP code on the site. No authentication or user interaction is required. An attacker can read files, modify data, or take full control of the WordPress installation.
What an attacker can do
Run arbitrary PHP code on the site and take full control of the WordPress installation.
Potential impact on your site
Complete compromise of the WordPress site, including data theft, malware injection, and loss of admin control.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities
