Vulnerability Details CVE-2020-8436
XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rm_form_id, rm_tr, or form_name parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://Spider-security.co.uk
- https://spider-security.co.uk/blog-cve-2020-8436
- https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers
- https://Spider-security.co.uk
- https://spider-security.co.uk/blog-cve-2020-8436
- https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers
Products affected by CVE-2020-8436
-
cpe:2.3:a:metagauss:registrationmagic:4.6.0.0