5 matches found
WordPress Pie Register Plugin SQL Injection (CVE-2018-10969)
A command execution vulnerability exists in WordPress. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2018-10969
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid...
CVE-2018-10969
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid...
CVE-2018-10969
CVE-2018-10969 : SQL injection in the WordPress Pie Register plugin (before 3.0.10) allows remote attackers to execute arbitrary SQL via the invitation codes grid. Affected software: Pie Register plugin for WordPress. Root cause: unparameterized SQL in the invitation codes grid. Impact: attacker ...
WordPress Plugin Pie Register < 3.0.9 - Blind SQL Injection
Title: WordPress Plugin Pie Register order = escsql $order ; IV. PROOF OF CONCEPT The following URL have been confirmed to all suffer from Time Based SQL Injection. GET /wordpress/wp-admin/admin.php?page=pie-invitation-codes&orderby=name&order=desc original GET...