Vulnerabilities

CVE-2020-9454

by Fred · 06/03/2020

A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on behalf of a site administrator to change all settings for the plugin, including deleting users, creating new roles with escalated privileges, and allowing PHP file uploads via forms.

Date published : 2020-03-06

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

https://wpvulndb.com/vulnerabilities/10116

Similar

Tags: Cybersecurity Alert