Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metagauss registrationmagic vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50846
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login.This issue affects RegistrationMagic – Custom Re...
Metagauss Registrationmagic
6.8
CVSSv2
CVE-2020-9454
A CSRF vulnerability in the RegistrationMagic plugin up to and including 4.6.0.3 for WordPress allows remote malicious users to forge requests on behalf of a site administrator to change all settings for the plugin, including deleting users, creating new roles with escalated priv...
Metagauss Registrationmagic
6.5
CVSSv2
CVE-2020-9457
The RegistrationMagic plugin up to and including 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to import custom vulnerable forms and change form settings via class_rm_form_settings_controller.php, resulting in privilege escalation.
Metagauss Registrationmagic
NA
CVE-2023-47645
Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Cross Site Request Forgery.This issue affects RegistrationMagic – Custom Registration Forms, User Regi...
Metagauss Registrationmagic
6.5
CVSSv2
CVE-2022-0420
The RegistrationMagic WordPress plugin prior to 5.0.2.2 does not sanitise and escape the rm_form_id parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks
Metagauss Registrationmagic
NA
CVE-2023-2499
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verification on the user being supplied during a Google social login through the plugin. This makes it possible for unauthentic...
Metagauss Registrationmagic
4.3
CVSSv2
CVE-2021-24648
The RegistrationMagic WordPress plugin prior to 5.0.1.9 does not sanitise and escape the rm_search_value parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting
Metagauss Registrationmagic
6.5
CVSSv2
CVE-2021-24862
The RegistrationMagic WordPress plugin prior to 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue
Metagauss Registrationmagic
NA
CVE-2023-25991
Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic plugin <= 5.1.9.2 versions.
Metagauss Registrationmagic
NA
CVE-2023-51509
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Reflected XSS.This issue affects RegistrationMagic &nda...
Metagauss Registrationmagic
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »