CVE-2020-9457

Publication date

2020-03-06 18:56:35

Family

mitre

State

PUBLISHED

Description

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to import custom vulnerable forms and change form settings via class_rm_form_settings_controller.php, resulting in privilege escalation.