Vulnerability Details CVE-2020-8435
An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rm_analytics_show_form rm_form_id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.0%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.5
References
- https://Spider-security.co.uk
- https://spider-security.co.uk/blog-cve-2020-8435
- https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers
- https://Spider-security.co.uk
- https://spider-security.co.uk/blog-cve-2020-8435
- https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers
Products affected by CVE-2020-8435
-
cpe:2.3:a:metagauss:registrationmagic:4.6.0.0