Lucene search
+L

310 matches found

NVD
NVD
added 2026/03/13 7:54 p.m.7 views

CVE-2026-32385

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

5.4CVSS0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.29 views

CVE-2026-32385 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

5.4CVSS0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.3 views

CVE-2026-32385 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

5.8AI score0.00218EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/08 7:56 a.m.8 views

CVE-2025-8899

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...

8.8CVSS5.7AI score0.0037EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/07 6:31 a.m.17 views

EUVD-2025-208352

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...

8.8CVSS5.7AI score0.0037EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/07 5:46 a.m.3 views

CVE-2025-8899 Paid Videochat Turnkey Site – HTML5 PPV Live Webcams <= 7.3.20 - Authenticated (Author+) Privilege Escalation

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...

8.8CVSS5.7AI score0.0037EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/07 5:46 a.m.2 views

CVE-2025-8899

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...

8.8CVSS5.7AI score0.0037EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/07 5:46 a.m.37 views

CVE-2025-8899 Paid Videochat Turnkey Site – HTML5 PPV Live Webcams <= 7.3.20 - Authenticated (Author+) Privilege Escalation

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...

8.8CVSS0.0037EPSS
Exploits0References3
CVE
CVE
added 2026/03/07 5:46 a.m.22 views

CVE-2025-8899

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams WordPress plugin is vulnerable to privilege escalation in all versions up to and including 7.3.20. The root cause is videowhisper_register_form() not restricting user roles during registration, allowing authenticated users with Author-level...

8.8CVSS5.7AI score0.0037EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.9 views

PT-2026-23828

Name of the Vulnerable Software and Affected Versions Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress versions through 7.3.20 Description The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is susceptible to a privilege escalation issue. The...

8.8CVSS5.8AI score0.0037EPSS
Exploits0References11
CVE
CVE
added 2026/02/05 4:13 p.m.14 views

CVE-2020-37145

HRSALE 1.1.8 is affected by a cross-site request forgery that lets an attacker add unauthorized administrative users through the employee registration form. The exploit can be triggered by an attacker crafting a malicious HTML page with hidden form fields to trick an authenticated administrator i...

5.1CVSS5.2AI score0.00156EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/05 4:13 p.m.5 views

EUVD-2020-31039

HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user...

5.1CVSS5.2AI score0.00156EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.12 views

PT-2026-6587

Name of the Vulnerable Software and Affected Versions HRSALE version 1.1.8 Description HRSALE version 1.1.8 is susceptible to a cross-site request forgery condition. This allows attackers to add unauthorized administrative users via the employee registration form. An attacker can create a malicio...

5.1CVSS5.2AI score0.00156EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/02/02 8:4 a.m.7 views

WordPress WP Affiliate Platform plugin < 6.5.1 - Reflected XSS via Registration Form vulnerability

Reflected XSS via Registration Form vulnerability discovered by Bob Matyas in WordPress Plugin Affiliate Manager versions 6.5.1...

6.1CVSS5.2AI score0.00345EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.6 views

CVE-2026-24374

Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...

5.4CVSS5.4AI score0.00097EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 11:15 p.m.9 views

CVE-2023-54328

AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism...

6.5CVSS0.00387EPSS
Exploits1References5
OSV
OSV
added 2026/01/13 11:15 p.m.4 views

CVE-2023-54328

AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism...

6.5CVSS6AI score0.00387EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/13 10:52 p.m.4 views

CVE-2023-54328 AimOne Video Converter 2.04 Build 103 Buffer Overflow in Registration Form

AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism...

6.5CVSS6.8AI score0.00387EPSS
Exploits1References5
CVE
CVE
added 2026/01/13 10:52 p.m.19 views

CVE-2023-54328

AimOne Video Converter 2.04 Build 103 is affected by a buffer overflow in the registration form that can crash the application and enable denial of service via a ~7000-byte payload. Affected component: registration form handling; impact described as crash/DoS with potential abuse of the registrat...

6.5CVSS6.8AI score0.00387EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2418

Name of the Vulnerable Software and Affected Versions AimOne Video Converter version 2.04 Build 103 Description AimOne Video Converter version 2.04 Build 103 contains a buffer overflow in its registration form, leading to application crashes and a denial of service. An attacker can create a...

6.5CVSS6AI score0.00387EPSS
Exploits1References10
Rows per page
Query Builder