Lucene search
China National Vulnerability DatabaseCNVD-2021-101687HistoryDec 19, 2021 - 12:00 a.m.
WordPress RegistrationMagic plugin authorization problem vulnerability
2021-12-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
3
0.003 Low
EPSS
Percentile
71.5%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. registrationMagic plugin is a WordPress open source application plugin. the WordPress RegistrationMagic plugin has an authorization problem vulnerability that stems from the social login function social_login_ using_email() is missing authentication. An unauthenticated attacker could use this vulnerability to be able to log in as any site user (including administrators).
| CPE | Name | Operator | Version |
|---|---|---|---|
| WordPress RegistrationMagic Plugin <5. | eq | 0.1.7 |
Related
wordfence
wordfence
Authentication Bypass Vulnerability Patched in User Registration Plugin
2021-12-08 15:05:44
cve
cve
CVE-2021-4073
2021-12-14 16:15:09
cvelist
cvelist
CVE-2021-4073 RegistrationMagic <= 5.0.1.7 Authentication Bypass
2021-12-08 00:00:00
patchstack
patchstack
prion
prion
Design/Logic Flaw
2021-12-14 16:15:00
nvd
nvd
CVE-2021-4073
2021-12-14 16:15:09