Lucene search
K

454 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/16 6:0 a.m.4 views

CVE-2026-0929

The RegistrationMagic WordPress plugin before 6.0.7.2 does not have proper capability checks, allowing subscribers and above to create forms on the site...

5.5AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 2026/02/16 6:0 a.m.9 views

CVE-2026-0929

The CVE-2026-0929 entry concerns the WordPress plugin RegistrationMagic, affected versions before 6.0.7.2. The root cause is missing capability checks, permitting subscribers and above to create forms on a site. Impact is unauthorised form creation, with CVSSv3.1 base score 4.3 (Medium) and privi...

4.3CVSS5.5AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/16 6:0 a.m.3 views

CVE-2026-0929 RegistrationMagic < 6.0.7.2 - Subscriber+ Form Creation

The RegistrationMagic WordPress plugin before 6.0.7.2 does not have proper capability checks, allowing subscribers and above to create forms on the site...

5.6AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/16 12:0 a.m.8 views

PT-2026-8313

The RegistrationMagic WordPress plugin before 6.0.7.2 does not have proper capability checks, allowing subscribers and above to create forms on the site...

5.6AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/16 12:0 a.m.8 views

WordPress plugin RegistrationMagic 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00209EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.5 views

CVE-2025-15520

The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities, allowing for the disclosure of some sensitive data to subscribers and above...

4.3CVSS5.5AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2026/02/13 6:16 a.m.6 views

CVE-2025-15520

The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities, allowing for the disclosure of some sensitive data to subscribers and above...

4.3CVSS0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/13 6:0 a.m.32 views

CVE-2025-15520 RegistrationMagic <= 6.0.7.2 - Subscriber+ Sensitive Data Disclosure

The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities, allowing for the disclosure of some sensitive data to subscribers and above...

0.00171EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/13 6:0 a.m.8 views

CVE-2025-15520

The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities, allowing for the disclosure of some sensitive data to subscribers and above...

5.5AI score0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/13 6:0 a.m.5 views

CVE-2025-15520 RegistrationMagic <= 6.0.7.2 - Subscriber+ Sensitive Data Disclosure

The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities, allowing for the disclosure of some sensitive data to subscribers and above...

5.5AI score0.00171EPSS
Exploits0References1
CVE
CVE
added 2026/02/13 6:0 a.m.17 views

CVE-2025-15520

CVE-2025-15520 affects the WordPress plugin RegistrationMagic (versions up to and including 6.0.7.2). The root cause is that the plugin validates nonces but does not verify user capabilities, enabling disclosure of some sensitive data to subscribers and higher-privilege users. Impact is informati...

4.3CVSS5.5AI score0.00171EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.8 views

PT-2026-7970

The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities, allowing for the disclosure of some sensitive data to subscribers and above...

5.5AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.6 views

WordPress plugin RegistrationMagic 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/29 9:24 a.m.8 views

CVE-2026-1054

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

5.3CVSS6AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 8:16 a.m.8 views

CVE-2026-1054

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

5.3CVSS0.00232EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/28 7:27 a.m.4 views

CVE-2026-1054

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

5.3CVSS6AI score0.00232EPSS
Exploits0References4
CVE
CVE
added 2026/01/28 7:27 a.m.14 views

CVE-2026-1054

The CVE-2026-1054 entry corresponds to the RegistrationMagic WordPress plugin and is supported by multiple connected sources (Wordfence, PatchStack, CVE List). The detail across these sources states that versions up to and including 6.0.7.4 are vulnerable due to missing nonce verification and mis...

5.3CVSS6AI score0.00232EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/28 7:27 a.m.2 views

CVE-2026-1054 RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

5.3CVSS6AI score0.00232EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/28 7:27 a.m.32 views

CVE-2026-1054 RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification

The RegistrationMagic plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 6.0.7.4. This is due to missing nonce verification and capability checks on the rmsetotp AJAX action handler. This makes it possible for unauthenticated attackers to modify arbitrar...

5.3CVSS0.00232EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/28 1:40 a.m.6 views

WordPress RegistrationMagic plugin <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification vulnerability

Missing Authorization to Unauthenticated Arbitrary Settings Modification vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin RegistrationMagic versions = 6.0.7.4...

5.3CVSS5.9AI score0.00232EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder