310 matches found
CVE-2026-32385
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2026-32385 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2026-32385 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...
CVE-2025-8899
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...
EUVD-2025-208352
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...
CVE-2025-8899 Paid Videochat Turnkey Site – HTML5 PPV Live Webcams <= 7.3.20 - Authenticated (Author+) Privilege Escalation
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...
CVE-2025-8899
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...
CVE-2025-8899 Paid Videochat Turnkey Site – HTML5 PPV Live Webcams <= 7.3.20 - Authenticated (Author+) Privilege Escalation
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...
CVE-2025-8899
The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams WordPress plugin is vulnerable to privilege escalation in all versions up to and including 7.3.20. The root cause is videowhisper_register_form() not restricting user roles during registration, allowing authenticated users with Author-level...
PT-2026-23828
Name of the Vulnerable Software and Affected Versions Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress versions through 7.3.20 Description The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is susceptible to a privilege escalation issue. The...
CVE-2020-37145
HRSALE 1.1.8 is affected by a cross-site request forgery that lets an attacker add unauthorized administrative users through the employee registration form. The exploit can be triggered by an attacker crafting a malicious HTML page with hidden form fields to trick an authenticated administrator i...
EUVD-2020-31039
HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user...
PT-2026-6587
Name of the Vulnerable Software and Affected Versions HRSALE version 1.1.8 Description HRSALE version 1.1.8 is susceptible to a cross-site request forgery condition. This allows attackers to add unauthorized administrative users via the employee registration form. An attacker can create a malicio...
WordPress WP Affiliate Platform plugin < 6.5.1 - Reflected XSS via Registration Form vulnerability
Reflected XSS via Registration Form vulnerability discovered by Bob Matyas in WordPress Plugin Affiliate Manager versions 6.5.1...
CVE-2026-24374
Cross-Site Request Forgery CSRF vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through = 6.0.6.9...
CVE-2023-54328
AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism...
CVE-2023-54328
AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism...
CVE-2023-54328 AimOne Video Converter 2.04 Build 103 Buffer Overflow in Registration Form
AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism...
CVE-2023-54328
AimOne Video Converter 2.04 Build 103 is affected by a buffer overflow in the registration form that can crash the application and enable denial of service via a ~7000-byte payload. Affected component: registration form handling; impact described as crash/DoS with potential abuse of the registrat...
PT-2026-2418
Name of the Vulnerable Software and Affected Versions AimOne Video Converter version 2.04 Build 103 Description AimOne Video Converter version 2.04 Build 103 contains a buffer overflow in its registration form, leading to application crashes and a denial of service. An attacker can create a...