453 matches found
WordPress RegistrationMagic SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A SQL injection vulnerability exists in WordPress RegistrationMagic version...
CVE-2020-8435
An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rmanalyticsshowform rmformid parameter...
CVE-2020-8436
XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rmformid, rmtr, or formname parameter...
CVE-2020-8436
XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rmformid, rmtr, or formname parameter...
CVE-2020-8435
An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rmanalyticsshowform rmformid parameter...
Cross site scripting
XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rmformid, rmtr, or formname parameter...
Sql injection
An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rmanalyticsshowform rmformid parameter...
CVE-2020-8435
An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rmanalyticsshowform rmformid parameter...
CVE-2020-8435
Summary: CVE-2020-8435 concerns the WordPress RegistrationMagic plugin (v4.6.0.0) with a SQL injection via the rm_analytics_show_form rm_form_id parameter. The issue is documented across multiple feeds and is described as an injection vulnerability that could enable unauthorized access to the bac...
CVE-2020-8436
XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rmformid, rmtr, or formname parameter...
CVE-2020-8436
CVE-2020-8436 describes a cross-site scripting (XSS) vulnerability in the WordPress plugin RegistrationMagic (version 4.6.0.0). The issue arises from insufficient validation of client-side data and can be triggered via user-supplied input in the rm_form_id, rm_tr, or form_name parameters. The NVD...
WordPress RegistrationMagic Unauthorized Operation Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A security vulnerability exists in WordPress RegistrationMagic 4.6.0.3 and...
WordPress RegistrationMagic elevation of privilege vulnerability (CNVD-2020-16636)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A security vulnerability exists in WordPress RegistrationMagic 4.6.0.3 and...
WordPress RegistrationMagic Elevation of Privilege Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A security vulnerability exists in WordPress RegistrationMagic 4.6.0.3 and...
WordPress RegistrationMagic Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A cross-site request forgery vulnerability exists in WordPress...
Unspecified Vulnerability in WordPress RegistrationMagic
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A security vulnerability exists in the export function in WordPress...
CVE-2020-9457
The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users with minimal privileges to import custom vulnerable forms and change form settings via classrmformsettingscontroller.php, resulting in privilege escalation...
CVE-2020-9456
In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote authenticated users with minimal privileges to elevate their privileges to administrator via classrmusercontroller.php rmuseredit...
CVE-2020-9458
In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote authenticated users with minimal privileges to export submitted form data and settings via classrmformcontroller.php rmformexport...
CVE-2020-9455
The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users with minimal privileges to send arbitrary emails on behalf of the site via classrmuserservices.php sendemailuserview...