
CVSS: 8.8 | EPSS: 77% | CPEs: 1 | EXPL: 4

The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue.

RegistrationMagic, a WordPress plugin, prior to 5.0.1.5 is affected by an authenticated SQL injection via the task_ids parameter.

• https://www.exploit-db.com/exploits/50686
• http://packetstormsecurity.com/files/165746/WordPress-RegistrationMagic-V-5.0.1.5-SQL-Injection.html
• https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2021-24862
• https://wpscan.com/vulnerability/7d3af3b5-5548-419d-aa32-1f7b51622615
• https://github.com/Hacker5preme/Exploits/blob/main/Wordpress/CVE-2021-24862/README.md
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rm_search_value parameter before outputting it back in an attribute, leading to Reflected Cross-Site Scripting.

• https://plugins.trac.wordpress.org/changeset/2646734
• https://wpscan.com/vulnerability/a3573212-2a98-4504-b8f4-b4d46655e17c
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administrators, if they knew a valid username on the site, due to missing identity validation in the plugin's social login function social_login_using_email(). This affects versions equal to, and less than, 5.0.1.7.

• https://plugins.trac.wordpress.org/changeset/2635173/custom-registration-form-builder-with-submission-manager/trunk/services/class_rm_user_services.php
• https://www.wordfence.com/blog/2021/12/authentication-bypass-vulnerability-patched-in-user-registration-plugin
• https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4073
• CWE-287: Improper Authentication

CVSS: 9.9 | EPSS: 1% | CPEs: 1 | EXPL: 1

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to import custom vulnerable forms and change form settings via class_rm_form_settings_controller.php, resulting in privilege escalation.

• https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers
• https://wpvulndb.com/vulnerabilities/10116
• https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin
• CWE-862: Missing Authorization

CVSS: 8.8 | EPSS: 1% | CPEs: 1 | EXPL: 1

A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on behalf of a site administrator to change all settings for the plugin, including deleting users, creating new roles with escalated privileges, and allowing PHP file uploads via forms.

• https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers
• https://wpvulndb.com/vulnerabilities/10116
• https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin
• CWE-352: Cross-Site Request Forgery (CSRF)