CVE-2026-1054

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

CVE-2026-1054 RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

EUVD-2026-4918

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

PT-2026-5078

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rm set otp AJAX action handler. This makes it possible for unauthenticated attackers to modify...

PT-2020-11999 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.16 Description: The issue is related to a SQL injection vulnerability due to the lack of type casting of a variable in a SQL statement. This vulnerability affects the Featured Articles frontend menutype...