5 matches found
CVE-2026-9242
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versions up to and including 6.0.8.6. This is due to the PayPal IPN callback handler...
CVE-2026-9242
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versions up to and including 6.0.8.6. This is due to the PayPal IPN callback handler...
CVE-2026-9242
The CVE covers RegistrationMagic for WordPress (all versions up to 6.0.8.6) with an AUTHENTICATION BYPASS via forged PayPal IPN requests. The PayPal IPN callback is registered as a nopriv AJAX action with no authentication or nonce, and the handler writes attacker-controlled POST data (including ...
PT-2026-53059
Name of the Vulnerable Software and Affected Versions RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login versions prior to 6.0.8.7 Description An authentication bypass exists due to insufficient verification of data authenticity. The PayPal IPN callback...
PHPYUN 信息泄露漏洞
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHP community. The language is mainly used for Web development, supports a variety of databases and operating systems. An information disclosure vulnerability exists in PHPPYUN...