5 matches found
CVE-2021-4073
creationtimestamp| type| source ---|---|--- 2025-10-31 21:02:41+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m4jermavo52a 2025-12-01 16:22:58+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-4073.yaml 2025-12-03...
CVE-2021-4073
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administrators, if they knew a valid username on the site due to missing identity validation in the social login function socialloginusingemail of the plugin. This affects...
CVE-2021-4073 RegistrationMagic <= 5.0.1.7 Authentication Bypass
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administrators, if they knew a valid username on the site due to missing identity validation in the social login function socialloginusingemail of the plugin. This affects...
CVE-2021-4073
The CVE-2021-4073 entry describes an authentication bypass in the WordPress RegistrationMagic plugin. Affected versions are
Authentication Bypass Vulnerability Patched in User Registration Plugin
Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On September 16, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in...