CVE-2026-32498

{"id": "CVE-2026-32498", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-03-25T17:17:01.680", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/custom-registration-form-builder-with-submission-manager/vulnerability/wordpress-registrationmagic-plugin-6-0-7-6-broken-access-control-vulnerability-2?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through <= 6.0.7.6."}, {"lang": "es", "value": "Vulnerabilidad de Falta de Autorizaci\u00f3n en Metagauss RegistrationMagic constructor de formularios de registro personalizados con gestor de env\u00edos permite Explotar Niveles de Seguridad de Control de Acceso Mal Configurados. Este problema afecta a RegistrationMagic: desde n/d hasta &lt;= 6.0.7.6."}], "lastModified": "2026-04-24T16:35:20.070", "sourceIdentifier": "audit@patchstack.com"}