WordPress plugin RegistrationMagic SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress RegistrationMagic Plugin prior to version 5.0.2.2, which ste...

CVE-2020-8435

An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rmanalyticsshowform rmformid parameter...

CVE-2020-8436

XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rmformid, rmtr, or formname parameter...

CVE-2020-8435

An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rmanalyticsshowform rmformid parameter...

Sql injection

An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rmanalyticsshowform rmformid parameter...

CVE-2020-8435

Summary: CVE-2020-8435 concerns the WordPress RegistrationMagic plugin (v4.6.0.0) with a SQL injection via the rm_analytics_show_form rm_form_id parameter. The issue is documented across multiple feeds and is described as an injection vulnerability that could enable unauthorized access to the bac...