453 matches found
WordPress RegistrationMagic Plugin SQL Injection Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress RegistrationMagic Plugin prior to version 5.0.2.2, which ste...
CVE-2022-0420
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rmformid parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks...
CVE-2022-0420
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rmformid parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks...
CVE-2022-0420
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rmformid parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks...
Sql injection
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rmformid parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks...
CVE-2022-0420 RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rmformid parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks...
CVE-2022-0420
CVE-2022-0420 affects the WordPress RegistrationMagic plugin prior to version 5.0.2.2. The rm_form_id parameter used in the Automation admin dashboard is not sanitized or escaped before being used in an SQL statement, enabling high-privilege users to perform SQL injection. Red Hat and CVE records...
WordPress plugin RegistrationMagic SQL注入漏洞
WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress RegistrationMagic Plugin prior to version 5.0.2.2, which ste...
WordPress RegistrationMagic plugin cross-site scripting vulnerability
WordPress is a set of blogging platform developed by the WordPress Foundation using the PHP language. cross-site scripting vulnerability exists in the Wordpress RegistrationMagic Plugin, which stems from the product's rmsearchvalue function not doing effective processing of special characters in...
Wordpress RegistrationMagic task_ids Authenticated SQLi
RegistrationMagic, a WordPress plugin, prior to 5.0.1.5 is affected by an authenticated SQL injection via the taskids parameter. Module Options msf use auxiliary/scanner/http/wpregistrationmagicsqli msf auxiliarywpregistrationmagicsqli show actions ...actions... msf auxiliarywpregistrationmagicsq...
CVE-2021-24648
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rmsearchvalue parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting...
CVE-2021-24648
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rmsearchvalue parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting...
Cross site scripting
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rmsearchvalue parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting...
CVE-2021-24648 Registration Magic < 5.0.1.9 - Reflected Cross-Site Scripting
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rmsearchvalue parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting...
CVE-2021-24648
The CVE-2021-24648 affects the WordPress plugin RegistrationMagic prior to 5.0.1.9. The vulnerability arises because the rm_search_value parameter is not properly sanitized/escaped before being output in an attribute, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. Affected softwar...
WordPress plugin 跨站脚本漏洞
WordPress is a set of blogging platform developed by the WordPress Foundation using the PHP language. cross-site scripting vulnerability exists in the Wordpress RegistrationMagic Plugin, which stems from the product's rmsearchvalue function not doing effective processing of special characters in...
WordPress RegistrationMagic V 5.0.1.5 SQL Injection
Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...
WordPress RegistrationMagic V 5.0.1.5 Plugin- SQL Injection Exploit
Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...
WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)
Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...
WordPress RegistrationMagic plugin SQL injection vulnerability
WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.The WordPress RegistrationMagic plugin was vulnerable to SQL injection before 5.0.1.6, which stems from the la...