WordPress Pie Register Plugin <= 2.0.18 - XSS

2015-09-2500:00:00

N/A

patchstack.com

EPSS

0.002

Percentile

61.5%

JSON

This vulnerability allows an attacker to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URL.

Solution

           Update the plugin.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7377

EPSS

0.002

Percentile

61.5%

JSON

Related for PATCHSTACK:1E8CD9FD5C01630B813C04F9373C031E