$1,313 Bounty Awarded for Privilege Escalation Vulnerability Patched in RegistrationMagic WordPress Plugin
🎉 Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
On February 26th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a Privilege Escalation vulnerability in RegistrationMagic, a WordPress plugin with more than 10,000 active installations. This vulnerability makes it possible for an authenticated attacker to grant themselves administrative privileges by updating their own user role.
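The advisory does not show the plugin's code, so the following is an added, generic illustration (not RegistrationMagic's own code or its patch) of the control that a profile-update handler in WordPress needs so that a role change cannot ride along with an ordinary profile edit: the role is treated as a separate privilege, gated on `promote_users` and on the roles the current user is actually allowed to assign. The hook name, nonce action and field names are assumptions made up for this example.

```php
<?php
// Added illustration, not RegistrationMagic code: a WordPress form handler
// that lets a logged-in user edit a profile field while refusing any role
// change that the requesting user is not entitled to make.
// Assumed names: the 'example_update_profile' action, nonce and POST fields.

add_action( 'admin_post_example_update_profile', 'example_update_profile' );

function example_update_profile() {
    // 1. Require a logged-in user and a valid nonce tied to this action.
    if ( ! is_user_logged_in() || ! check_admin_referer( 'example_update_profile' ) ) {
        wp_die( 'Invalid request', '', array( 'response' => 403 ) );
    }

    $target_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    $user      = get_userdata( $target_id );
    if ( ! $user || ! current_user_can( 'edit_user', $target_id ) ) {
        wp_die( 'You may not edit this user', '', array( 'response' => 403 ) );
    }

    // Only fields the user is meant to control are copied into the update.
    $userdata = array(
        'ID'           => $target_id,
        'display_name' => isset( $_POST['display_name'] )
            ? sanitize_text_field( wp_unslash( $_POST['display_name'] ) )
            : $user->display_name,
    );

    // 2. A role change is a distinct privilege: it requires promote_users
    //    (which editing your own profile never grants) and the requested
    //    role must be one the current user is allowed to assign.
    if ( isset( $_POST['role'] ) ) {
        $requested = sanitize_key( wp_unslash( $_POST['role'] ) );
        $editable  = array_keys( get_editable_roles() );

        if ( ! current_user_can( 'promote_users' ) || ! in_array( $requested, $editable, true ) ) {
            wp_die( 'You may not change this role', '', array( 'response' => 403 ) );
        }
        $userdata['role'] = $requested;
    }

    $result = wp_update_user( $userdata );
    if ( is_wp_error( $result ) ) {
        wp_die( esc_html( $result->get_error_message() ), '', array( 'response' => 400 ) );
    }

    wp_safe_redirect( wp_get_referer() ? wp_get_referer() : admin_url() );
    exit;
}
```

The defensive point is the allowlist on the update array: `wp_update_user()` will happily apply a `role` key, so a handler that passes `$_POST` through wholesale lets any authenticated user who can reach the form pick their own role. Checking `promote_users` and `get_editable_roles()` before copying that one key is what separates a profile edit from a privilege change, and a site can verify the behaviour by submitting the form as a subscriber with an extra `role=administrator` field and confirming the 403.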
Props to Krzysztof Zając who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a bounty of $1,313.00 for this discovery during our Bug Bounty Program Extravaganza. Our mission is to Secure the Web, so we are proud to continue investing in vulnerability research like this and collaborating with researchers of this caliber through our Bug Bounty Program. This demonstrates that we are not only committed to investing in making the WordPress ecosystem more secure, but also the entire web.
Wordfence Premium, Wordfence Care, and Wordfence Response users received a firewall rule to protect against any exploits targeting this vulnerability on February 28, 2024. Sites using the free version of Wordfence will receive the same protection on March 29, 2024.
We contacted Metagauss on February 29, 2024, and received a response on March 4, 2024. After providing full disclosure details, the developer released a patch on March 11, 2024. We would like to commend Metagauss for their prompt response and timely patch.
We urge users to update their sites with the latest patched version of RegistrationMagic, which is version 5.3.1.0, as soon as possible.
Vulnerability Summary from Wordfence Intelligence
Description: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
Source: wordfence.com