CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25991 – WordPress RegistrationMagic Plugin <= 5.1.9.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25991
Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic plugin <= 5.1.9.2 versions. The RegistrationMagic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.9.2. This is due to missing or incorrect nonce validation on the 'remove' function inside the 'class_rm_form_controller.php' file. This makes it possible for unauthenticated attackers to remove certain form metadata via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/custom-registration-form-builder-with-submission-manager/wordpress-registrationmagic-custom-registration-forms-user-registration-and-user-login-plugin-plugin-5-1-9-2-multiple-cross-site-request-forgery-csrf?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0420 – RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2022-0420
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks El plugin RegistrationMagic de WordPress versiones anteriores a 5.0.2.2, no sanea y escapa del parámetro rm_form_id antes de usarlo en una sentencia SQL en el panel de administración de Automation, permitiendo a usuarios con altos privilegios llevar a cabo ataques de inyección SQL • https://plugins.trac.wordpress.org/changeset/2672042 https://wpscan.com/vulnerability/056b5167-3cbc-47d1-9917-52a434796151 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 77%CPEs: 1EXPL: 4CVE-2021-24862 – RegistrationMagic < 5.0.1.6 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2021-24862
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue El plugin RegistrationMagic de WordPress versiones anteriores a 5.0.1.6, no escapa a la entrada del usuario en su acción rm_chronos_ajax AJAX antes de usarla en una sentencia SQL cuando son duplicadas tareas en lotes, lo que podría conllevar a un problema de inyección SQL RegistrationMagic, a WordPress plugin, prior to 5.0.1.5 is affected by an authenticated SQL injection via the task_ids parameter. • https://www.exploit-db.com/exploits/50686 http://packetstormsecurity.com/files/165746/WordPress-RegistrationMagic-V-5.0.1.5-SQL-Injection.html https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2021-24862 https://wpscan.com/vulnerability/7d3af3b5-5548-419d-aa32-1f7b51622615 https://github.com/Hacker5preme/Exploits/blob/main/Wordpress/CVE-2021-24862/README.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24648 – Registration Magic < 5.0.1.9 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24648
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rm_search_value parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting El plugin RegistrationMagic de WordPress versiones anteriores a 5.0.1.9, no sanea ni escapa del parámetro rm_search_value antes de devolverlo a un atributo, conllevando a un ataque de tipo Cross-Site Scripting Reflejado • https://plugins.trac.wordpress.org/changeset/2646734 https://wpscan.com/vulnerability/a3573212-2a98-4504-b8f4-b4d46655e17c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4073 – RegistrationMagic <= 5.0.1.7 Authentication Bypass
https://notcve.org/view.php?id=CVE-2021-4073
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administrators, if they knew a valid username on the site due to missing identity validation in the social login function social_login_using_email() of the plugin. This affects versions equal to, and less than, 5.0.1.7. El plugin RegistrationMagic de WordPress permitía a usuarios no autenticados iniciar sesión como cualquier usuario del sitio, incluidos los administradores, si conocían un nombre de usuario válido en el sitio debido a una falta de comprobación de la identidad en la función login social social_login_using_email() del plugin. Esto afecta a las versiones iguales y menores a 5.0.1.7 • https://plugins.trac.wordpress.org/changeset/2635173/custom-registration-form-builder-with-submission-manager/trunk/services/class_rm_user_services.php https://www.wordfence.com/blog/2021/12/authentication-bypass-vulnerability-patched-in-user-registration-plugin https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4073 • CWE-287: Improper Authentication •