Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:2 a.m.10 views

CVE-2024-10508

The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updati...

9.8CVSS7.5AI score0.01463EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/11/26 12:0 a.m.39 views

WordPress RegistrationMagic Plugin <= 6.0.2.6 is vulnerable to Privilege Escalation

Software RegistrationMagic Type Plugin Vulnerable versions = 6.0.2.6 Fixed in 6.0.2.7 OWASP Top 10 A3: Injection Classification Privilege Escalation CVE CVE-2024-10508 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID fa83ac6f8527 Credits shaman0x01 Required privilege...

9.8CVSS6.8AI score0.01463EPSS
Exploits2References3Affected Software1
GithubExploit
GithubExploit
added 2024/11/21 4:32 a.m.438 views

Exploit for Improper Handling of Missing Values in Metagauss Registrationmagic

CVE-2024-10508 This tool scans WordPress sites for vulnerabil...

9.8CVSS9.7AI score0.01463EPSS
Exploits2
NVD
NVD
added 2024/11/09 8:15 a.m.28 views

CVE-2024-10508

The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updati...

9.8CVSS0.01463EPSS
Exploits2References4
Circl
Circl
added 2024/11/09 7:36 a.m.19 views

CVE-2024-10508

creationtimestamp| type| source ---|---|--- 2024-11-09 07:36:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113451845282995928 2024-11-09 09:56:32+00:00| seen| https://t.me/cvedetector/10286 2024-11-21 04:36:37+00:00| seen| https://t.me/GithubRedTeam/9110 2024-11-22 10:05:09+00:00|...

9.8CVSS7.3AI score0.01463EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2024/11/09 7:35 a.m.20 views

CVE-2024-10508 RegistrationMagic – User Registration Plugin with Custom Registration Forms <= 6.0.2.6 - Unauthenticated Privilege Escalation via Password Recovery

The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updati...

9.8CVSS7.8AI score0.01463EPSS
Exploits2References4
Cvelist
Cvelist
added 2024/11/09 7:35 a.m.39 views

CVE-2024-10508 RegistrationMagic – User Registration Plugin with Custom Registration Forms <= 6.0.2.6 - Unauthenticated Privilege Escalation via Password Recovery

The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updati...

9.8CVSS0.01463EPSS
Exploits2References4
Rows per page
Query Builder