Impact
This vulnerability in the RegistrationMagic plugin for WordPress allows an unauthenticated attacker to perform a cross-site request forgery. Because the process_request function performs missing or incorrect nonce validation, a forged request can create a malicious Chronos automation task that WordPress cron then executes. The effect is that the role of an arbitrary form submitter can be changed to administrator, giving the attacker full control over the site.
Affected Systems
WordPress sites running the RegistrationMagic plugin from the metagauss vendor, specifically versions 6.0.9.1 and older. The plugin provides custom registration forms, user registration, payment, and login functionality.
Risk and Exploitability
The CVSS score of 8.8 indicates a high-severity vulnerability. No EPSS score is available; the absence of a KEV listing suggests that it has not yet been widely exploited. The attack requires the attacker to trick a site administrator into following a malicious link or otherwise triggering the forged request, so it is less likely to succeed against cautious administrators; once a forged task has been saved, however, WordPress cron runs it without any further interaction. The missing nonce validation means there is no technical safeguard once the forged request is delivered, so exploitation is straightforward once the preconditions are met.
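As an added illustration, not RegistrationMagic's own code, the following hypothetical WordPress admin-ajax handler shows the missing-nonce pattern described above beside the hardened form; the function, hook and option names are invented for the example.

```php
<?php
// Constructed example (not the plugin's code). A handler that saves an
// automation task, first without and then with WordPress CSRF protection.

// BEFORE: every request reaching the hook is trusted. A request forged from a
// logged-in administrator's browser can create or alter the stored task.
function example_process_request_vulnerable() {
    $task = array(
        'form_id' => absint( $_POST['form_id'] ?? 0 ),
        'action'  => sanitize_text_field( wp_unslash( $_POST['task_action'] ?? '' ) ),
    );
    update_option( 'example_automation_task', $task );
    wp_send_json_success( $task );
}
add_action( 'wp_ajax_example_process_request_vulnerable', 'example_process_request_vulnerable' );

// AFTER: the request must carry a nonce minted for this exact action, the
// caller must hold the capability the action implies, and the task payload is
// restricted to an allow-list so it cannot be used to change user roles.
function example_process_request_hardened() {
    // check_ajax_referer() stops the request (HTTP 403) when '_wpnonce' is
    // missing or was not issued for 'example_process_request'.
    check_ajax_referer( 'example_process_request', '_wpnonce' );

    // A nonce only proves intent; authorization is a separate check.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    // Only benign task actions are accepted; anything touching roles is refused.
    $allowed = array( 'send_email', 'add_tag' );
    $action  = sanitize_text_field( wp_unslash( $_POST['task_action'] ?? '' ) );
    if ( ! in_array( $action, $allowed, true ) ) {
        wp_send_json_error( 'unknown task action', 400 );
    }

    $task = array(
        'form_id' => absint( $_POST['form_id'] ?? 0 ),
        'action'  => $action,
    );
    update_option( 'example_automation_task', $task );
    wp_send_json_success( $task );
}
add_action( 'wp_ajax_example_process_request_hardened', 'example_process_request_hardened' );

// The settings form that legitimately submits this request mints the nonce:
// wp_nonce_field( 'example_process_request', '_wpnonce' );
```

A site administrator reviewing a plugin can grep its request handlers for `check_ajax_referer`, `check_admin_referer` or `wp_verify_nonce` paired with a `current_user_can` check; a state-changing handler lacking both is the pattern this advisory describes.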
OpenCVE Enrichment