CVE-2025-2836 — The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘payment_method’ parameter in al — CVE Database · The Intelligence Room