Page 4 of 17 results (0.018 seconds)

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rm_analytics_show_form rm_form_id parameter. Se detectó un problema en el plugin RegistrationMagic 4.6.0.0 para WordPress. Se presenta una inyección SQL por medio del parámetro rm_analytics_show_form rm_form_id. An issue was discovered in the RegistrationMagic plugin 4.6.0.2 for WordPress. • https://Spider-security.co.uk https://spider-security.co.uk/blog-cve-2020-8435 https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rm_form_id, rm_tr, or form_name parameter. Se detectó una vulnerabilidad de tipo XSS en el plugin RegistrationMagic 4.6.0.0 para WordPress por medio del parámetro rm_form_id, rm_tr o form_name. XSS was discovered in the RegistrationMagic plugin 4.6.0.1 for WordPress via the rm_form_id, rm_tr, or form_name parameter. • https://Spider-security.co.uk https://spider-security.co.uk/blog-cve-2020-8436 https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •