WordPress Pie Register <3.8.2.3 - Open Redirect

WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin does not properly validate the redirection URL when logging in and login out. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute...

WordPress Pie Register <3.7.0.1 - Cross-Site Scripting

WordPress Pie Register plugin before 3.7.0.1 is susceptible to cross-site scripting. The plugin does not sanitize the invitaioncode GET parameter when outputting it in the Activation Code page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the...

WordPress Pie-Register <2.0.19 - Cross-Site Scripting

WordPress Pie Register before 2.0.19 contains a reflected cross-site scripting vulnerability in pie-register/pie-register.php which allows remote attackers to inject arbitrary web script or HTML via the invitaioncode parameter in a pie-register page to the default URL. id: CVE-2015-7377 info: nam...

Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login

The Registration Forms User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username...

Pie Register < 3.7.1.6 - SQL Injection

The Registration Forms User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection. id:...

Exploit for Improper Authentication in Genetechsolutions Pie_Register

CVE-2021-24647 CVE-2021-24647 Pie Register 3.7.1.6 - Unau...

WordPress Genetechsolutions Pie Register Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Genetechsolutions Pie Register is a website registration plugin used in it. A cross-site scripting vulnerability exists in WordPress...

CVE-2019-1010207

Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting XSS. The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and supplied URL. The attack vector is: If a victim clicks a malicious link, the attacker can steal his/he...

Cross site scripting

Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting XSS. The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and supplied URL. The attack vector is: If a victim clicks a malicious link, the attacker can steal his/he...

CVE-2019-1010207

Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting XSS. The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and supplied URL. The attack vector is: If a victim clicks a malicious link, the attacker can steal his/he...

CVE-2019-1010207

Genetechsolutions Pie Register 3.0.15 is affected by Cross Site Scripting (XSS) in the Login component (parameters: interim-login, wp-lang, and supplied URL). The issue allows an attacker to steal session cookies if a user clicks a malicious link; root cause is insufficient validation of client-s...