Shodan
Vulnerabilities
Vulnerable Software
Metagauss:  >> Registrationmagic  >> 5.1.7.2  Security Vulnerabilities
CVE-2023-2548
The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords and potentially take over super-administrator accounts in multisite setup.
CVSS Score
6.6
EPSS Score
0.0
Published
2023-05-16
CVE-2023-25991
Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic pluginĀ <= 5.1.9.2 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-03-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved