3 matches found
CVE-2022-0420
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rmformid parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks...
CVE-2022-0420
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rmformid parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks...
CVE-2022-0420
CVE-2022-0420 affects the WordPress RegistrationMagic plugin prior to version 5.0.2.2. The rm_form_id parameter used in the Automation admin dashboard is not sanitized or escaped before being used in an SQL statement, enabling high-privilege users to perform SQL injection. Red Hat and CVE records...