Lucene search
K

WordPress Pie Register <3.8.2.3 - Open Redirect

🗓️ 02 Jul 2026 09:36:57Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 46 Views

WordPress Pie Register <3.8.2.3 - Open Redirect, improper URL validation, allows redirection to malicious sites and sensitive information exposur

Related
Refs
Code
id: CVE-2023-0552

info:
  name: WordPress Pie Register <3.8.2.3 - Open Redirect
  author: r3Y3r53
  severity: medium
  description: |
    WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin does not properly validate the redirection URL when logging in and login out. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    Authenticated attackers with low privileges can manipulate the redirect_to parameter during logout to redirect users to malicious sites for phishing attacks.
  remediation: |
    Fixed in version 3.8.2.3.
  reference:
    - https://wpscan.com/vulnerability/832c6155-a413-4641-849c-b98ba55e8551
    - https://nvd.nist.gov/vuln/detail/CVE-2023-0552
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 5.4
    cve-id: CVE-2023-0552
    cwe-id: CWE-601
    epss-score: 0.24263
    epss-percentile: 0.97585
    cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: genetechsolutions
    product: pie_register
    framework: wordpress
  tags: cve2023,cve,redirect,pie,pie-register,wpscan,genetechsolutions,wordpress,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"

    redirects: true
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$'
# digest: 4a0a004730450220407ea70bb04ea92a42b22a9a8ce61411fdd9fcff7926e7654acef6c6f12e325b022100c4a735a791b2d7b78bc7fbb30c56a374c2848be68059a1dad9da176288943288:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.2Medium risk
Vulners AI Score6.2
CVSS 3.15.4
EPSS0.24263
SSVC
46