📦 Registrationmagic

This vulnerability allows unauthenticated attackers to execute arbitrary PHP code on WordPress sites using vulnerable versions of the RegistrationMagic plugin. Attackers can inject malicious PHP objec...

This vulnerability allows unauthenticated attackers to reset passwords of any WordPress user, including administrators, by exploiting improper token validation in the RegistrationMagic plugin. All Wor...

This vulnerability allows unauthenticated attackers to bypass authentication in WordPress sites using the RegistrationMagic plugin. By exploiting insufficient verification during Google social login, ...

CVE-2021-4073 is an authentication bypass vulnerability in the RegistrationMagic WordPress plugin that allows unauthenticated attackers to log in as any user (including administrators) by knowing a va...

This reflected cross-site scripting (XSS) vulnerability in the RegistrationMagic WordPress plugin allows attackers to inject malicious scripts into web pages viewed by other users. The vulnerability a...

This CVE describes a Missing Authorization vulnerability in the RegistrationMagic WordPress plugin that allows attackers to bypass access controls. It affects all versions up to 5.2.3.0, potentially e...

This vulnerability in the RegistrationMagic WordPress plugin allows attackers to bypass access controls and modify arbitrary prices in forms. It affects all WordPress sites using RegistrationMagic ver...

This vulnerability allows authenticated attackers with contributor-level access or higher to perform blind SQL injection attacks via the 'id' parameter in the RegistrationMagic WordPress plugin. Attac...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the RegistrationMagic WordPress plugin. When users visit a specially crafted URL, the script executes in the...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the RegistrationMagic WordPress plugin. When users visit a specially crafted URL, the script executes in the...

This SQL injection vulnerability in the RegistrationMagic WordPress plugin allows attackers to execute arbitrary SQL commands through specially crafted inputs. It affects all WordPress sites using Reg...

This CVE describes a SQL injection vulnerability in the RegistrationMagic WordPress plugin versions before 5.0.1.6. The vulnerability allows attackers to execute arbitrary SQL commands via the rm_chro...

This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious scripts into the RegistrationMagic plugin settings, which then execute when other users view those se...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the RegistrationMagic WordPress plugin. When users view affected pages, the scripts execute in their browser...

This vulnerability in the RegistrationMagic WordPress plugin allows attackers to bypass form submission limits, enabling functionality misuse. It affects all WordPress sites using RegistrationMagic ve...