CVE-2024-1990 | metagauss RegistrationMagic Plugin up to 5.3.1.0 on WordPress RM_Form Shortcode id sql injection

Inserito da Angelo Barbosa | Apr 10, 2024 | CVE

A vulnerability classified as critical has been found in metagauss RegistrationMagic Plugin up to 5.3.1.0 on WordPress. Affected is an unknown function of the component RM_Form Shortcode Handler. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-1990. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-1990 | metagauss RegistrationMagic Plugin up to 5.3.1.0 on WordPress RM_Form Shortcode id sql injection

Post correlati

CVE-2024-4413 | Hotel Booking Lite Plugin up to 4.11.1 on WordPress code injection

CVE-2024-34411 | Thomas Scholl canvasio3D Light Plugin up to 2.5.0 on WordPress unrestricted upload

CVE-2024-40560 | Tmall Demo prior 2024.07.03 sql injection

CVE-2024-50507 | Daniel Schmitzer DS.DownloadList Plugin up to 1.3 on WordPress deserialization