Vulnerabilities > Metagauss > Registrationmagic > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-28 | CVE-2023-50846 | SQL Injection vulnerability in Metagauss Registrationmagic Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.4.5. | 7.2 |
| 2023-11-30 | CVE-2023-47645 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Registrationmagic Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Cross Site Request Forgery.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.2.6. | 8.8 |
| 2023-05-16 | CVE-2023-2548 | Authorization Bypass Through User-Controlled Key vulnerability in Metagauss Registrationmagic The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. | 7.2 |
| 2023-03-13 | CVE-2023-25991 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Registrationmagic Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic plugin <= 5.1.9.2 versions. | 8.8 |