CVE-2025-11204
WordPress · WordPress Plugin: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
Executive summary
A high-severity SQL Injection vulnerability has been identified in the RegistrationMagic WordPress plugin, a tool used for custom user registration and login forms. This flaw could allow an unauthenticated attacker to manipulate the website's database, potentially leading to the theft of sensitive user data, unauthorized modifications, or a full compromise of the application. Organizations are urged to update the affected plugin immediately to mitigate the risk of a data breach.
Vulnerability
The vulnerability is a SQL Injection flaw. It exists because the plugin fails to properly sanitize user-supplied input before incorporating it into a database query. An unauthenticated attacker can craft a request containing specially formatted SQL fragments, which the website's database then executes as part of the plugin's query. This could allow the attacker to bypass security controls, read sensitive information from the database (such as user credentials, personal data, and payment information), modify or delete data, and in some cases gain full control of the application's database.
Business impact
This vulnerability is rated as High severity with a CVSS score of 7.2. Successful exploitation could have a significant negative impact on the business. Potential consequences include a data breach of sensitive customer or user information, leading to reputational damage and potential regulatory fines under data protection laws like GDPR or CCPA. Furthermore, an attacker could deface the website, disrupt services by altering or deleting data, or use the compromised data for further malicious activities, resulting in financial loss and a loss of customer trust.
Remediation
Immediate Action: Update the "RegistrationMagic" WordPress plugin to the latest version available from the vendor, which will be a version higher than 6.0. If the plugin is no longer required for business operations, deactivate it and remove it completely from the WordPress installation. It is also recommended to review the overall WordPress security settings to ensure they align with security best practices.
Proactive Monitoring: Monitor web server access logs and database logs for suspicious requests, particularly those containing SQL syntax such as UNION, SELECT, the quote-and-comment sequence '--, or other common injection payloads aimed at pages managed by the plugin. Implement alerts for an unusual volume of database errors, as these can indicate failed exploitation attempts.
Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with a robust ruleset designed to detect and block SQL Injection attacks. Ensure the database user account for the WordPress application operates under the principle of least privilege, restricting its ability to modify the database schema or access tables outside of its intended scope.
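The monitoring step above, as an added example that is not part of the original advisory: it scans combined-format access log lines for the indicators the advisory names (UNION, SELECT, '--) in requests to plugin pages, after URL-decoding, and counts 5xx responses per client on those pages as a proxy for the database-error spike it describes. The plugin path fragment "registrationmagic" and the sample log lines are constructed assumptions, not values taken from the advisory or the plugin.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus
# Assumption (not from the advisory): RegistrationMagic pages carry this fragment in the URL.
PLUGIN_PATH_HINT = "registrationmagic"
# Indicators the advisory names (UNION, SELECT, '--), matched after URL-decoding, case-insensitive.
SQLI_PATTERN = re.compile(r"\bUNION\b|\bSELECT\b|'\s*--", re.I)
# Combined log format: ip ident user [time] "METHOD target protocol" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

# Constructed sample lines using RFC 5737 documentation addresses.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2025:10:00:01 +0000] "GET /registrationmagic-form?id=3 HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Oct/2025:10:00:02 +0000] "GET /registrationmagic-form?id=3%27%20UNION%20SELECT%201 HTTP/1.1" 500 220',
    '203.0.113.5 - - [10/Oct/2025:10:00:03 +0000] "GET /registrationmagic-form?id=3%27--%20 HTTP/1.1" 500 220',
    '198.51.100.9 - - [10/Oct/2025:10:00:04 +0000] "GET /blog/select-your-plan HTTP/1.1" 200 1024',
    'not a log line',
]

def parse_line(line):
    """Return (ip, decoded_target, status), or None when the line is not in combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, _method, target, status = m.groups()
    # Decode twice so a double-encoded quote (%2527) still surfaces as a quote.
    return ip, unquote_plus(unquote_plus(target)), int(status)

def find_suspicious(lines):
    """Plugin-page requests whose decoded target carries an injection indicator."""
    hits = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, target, _status = parsed
        if PLUGIN_PATH_HINT in target.lower() and SQLI_PATTERN.search(target):
            hits.append((ip, target))
    return hits

def plugin_page_server_errors(lines):
    """Count 5xx responses on plugin pages per client; a burst usually means failed attempts."""
    counts = Counter()
    for line in lines:
        parsed = parse_line(line)
        if parsed and PLUGIN_PATH_HINT in parsed[1].lower() and parsed[2] >= 500:
            counts[parsed[0]] += 1
    return dict(counts)

if __name__ == "__main__":
    for ip, target in find_suspicious(SAMPLE_LOG):
        print(f"ALERT {ip} {target}")
    print("5xx per client on plugin pages:", plugin_page_server_errors(SAMPLE_LOG))
```

Keyword matching of this kind is a triage aid, not a verdict: legitimate form values can contain the word SELECT, so correlate hits with the 5xx counts and the database error log before raising an incident.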
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high severity of this vulnerability and the potential for a significant data breach, it is strongly recommended that organizations using the affected RegistrationMagic plugin prioritize patching immediately. Although this CVE is not currently listed in the CISA KEV (Known Exploited Vulnerabilities) catalog, its high CVSS score still indicates a serious risk. All instances of the plugin should be identified and updated or removed without delay to prevent potential compromise.