Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/04/06 6:33 a.m.20 views

CVE-2025-2836

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘paymentmethod’ parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escapin...

6.4CVSS5.9AI score0.00299EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 6:15 a.m.23 views

CVE-2025-2836

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘paymentmethod’ parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escapin...

6.4CVSS0.00299EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/04 5:22 a.m.14 views

CVE-2025-2836 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘paymentmethod’ parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escapin...

6.4CVSS0.00299EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/04/04 5:22 a.m.7 views

CVE-2025-2836 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘paymentmethod’ parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escapin...

6.4CVSS5.9AI score0.00299EPSS
Exploits0References5
CVE
CVE
added 2025/04/04 5:22 a.m.62 views

CVE-2025-2836

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is affected by a Stored Cross-Site Scripting (XSS) flaw exploited via the payment_method parameter. Affected versions go up to and including 6.0.4.3 . The root cause is described as insu...

6.4CVSS5.9AI score0.00299EPSS
Exploits0References5
Rows per page
Query Builder