2 matches found
CVE-2020-9454
A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on behalf of a site administrator to change all settings for the plugin, including deleting users, creating new roles with escalated privileges, and allowing PHP file uploa...
CVE-2020-9454
CVE-2020-9454 is a CSRF vulnerability in the WordPress plugin RegistrationMagic (versions up to 4.6.0.3). It allows an attacker to forge requests on behalf of an site administrator to modify plugin settings, including deleting users, creating privileged roles, and enabling PHP file uploads. Multi...