CVE-2020-9455 - Vulnerability Details - OpenCVE

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arbitrary emails on behalf of the site via class_rm_user_services.php send_email_user_view.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00208.

Key SSVC decision points have not yet been added.

Vendors	Products
Metagauss	Registrationmagic

Configuration 1 [-]

cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2020-30274	The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arbitrary emails on behalf of the site via class_rm_user_services.php send_email_user_view.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers
https://wpvulndb.com/vulnerabilities/10116
https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-06T18:49:50

Updated: 2024-08-04T10:26:16.213Z

Reserved: 2020-02-28T00:00:00

Link: CVE-2020-9455

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-03-06T19:15:11.483

Modified: 2024-11-21T05:40:40.620

Link: CVE-2020-9455

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arbitrary emails on behalf of the site via class_rm_user_services.php send_email_user_view."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-03-06T18:50:46", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers"}, {"tags": ["x_refsource_MISC"], "url": "https://wpvulndb.com/vulnerabilities/10116"}, {"tags": ["x_refsource_MISC"], "url": "https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-9455", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arbitrary emails on behalf of the site via class_rm_user_services.php send_email_user_view."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers"}, {"name": "https://wpvulndb.com/vulnerabilities/10116", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/10116"}, {"name": "https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/", "refsource": "MISC", "url": "https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:26:16.213Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpvulndb.com/vulnerabilities/10116"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-9455", "datePublished": "2020-03-06T18:49:50", "dateReserved": "2020-02-28T00:00:00", "dateUpdated": "2024-08-04T10:26:16.213Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "C5B2E36E-30CF-4249-B17F-7736BA325D23", "versionEndIncluding": "4.6.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arbitrary emails on behalf of the site via class_rm_user_services.php send_email_user_view."}, {"lang": "es", "value": "En el plugin RegistrationMagic versiones hasta 4.6.0.3 para WordPress, permite a usuarios autenticados remotos (con privilegios m\u00ednimos) enviar correos electr\u00f3nicos arbitrarios en nombre del sitio por medio de la funci\u00f3n send_email_user_view del archivo class_rm_user_services.php."}], "id": "CVE-2020-9455", "lastModified": "2024-11-21T05:40:40.620", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-03-06T19:15:11.483", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://wpvulndb.com/vulnerabilities/10116"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://wpvulndb.com/vulnerabilities/10116"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}