CVE-2020-9458

 

Published at: - 06-03-2020 08:15

Last modified: - 21-01-2022 09:58

Total changes: - 3

Description

In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote authenticated users (with minimal privileges) to export submitted form data and settings via class_rm_form_controller.php rm_form_export.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

 

Verification logic

 

Reference

• https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/
• https://wpvulndb.com/vulnerabilities/10116
• https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers

 

Keywords

NVD

 

CVE-2020-9458

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures