WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Scripting - CVE-2024-33947 - Vulnerability Database

WP Plugin Custom Registration Form Builder With Submission Manager

WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Scripting - CVE-2024-33947

Medium

Reference: CVE-2024-33947

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-33947

Title: WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Scripting

Overview:

WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms version 5.3.2.0 is vulnerable prior versions may also be affected.