Registration Magic < 5.0.1.9 - Reflected Cross-Site Scripting
CVE-2021-24648
6.1MEDIUM
What is CVE-2021-24648?
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rm_search_value parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting