ThreatPress

WordPress Vulnerabilities Database

Back

WordPress RegistrationMagic-Custom Registration Forms plugin <= 3.7.9.2 - Unauthenticated PHP Object Injection vulnerability

Product
RegistrationMagic-Custom Registration Forms
Description
Unauthenticated PHP Object Injection vulnerability found by Matt Barry (WordFence) in WordPress RegistrationMagic-Custom Registration Forms plugin (versions <= 3.7.9.2).
Solution
Update the WordPress RegistrationMagic-Custom Registration Forms plugin to the latest available version (at least 3.7.9.3).
Classification
Type Remote File Inclusion
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 3.7.9.2
Fixed In 3.7.9.3
Disclosure date
2017-10-03
Credits
Matt Barry (WordFence)
Submitter
ThreatPress