546 matches found
WordPress Pie-Register <2.0.19 - Cross-Site Scripting
WordPress Pie Register before 2.0.19 contains a reflected cross-site scripting vulnerability in pie-register/pie-register.php which allows remote attackers to inject arbitrary web script or HTML via the invitaioncode parameter in a pie-register page to the default URL. id: CVE-2015-7377 info: nam...
WordPress Pie Register <3.8.2.3 - Open Redirect
WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin does not properly validate the redirection URL when logging in and login out. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute...
WordPress Pie Register <3.7.0.1 - Cross-Site Scripting
WordPress Pie Register plugin before 3.7.0.1 is susceptible to cross-site scripting. The plugin does not sanitize the invitaioncode GET parameter when outputting it in the Activation Code page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the...
WordPress Pie Register <= 3.7.1.4 - Authentication Bypass
An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting socialsite=true and manipulating the useridsocialsite parameter,...
Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login
The Registration Forms User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username...
Fedora 43 : pie (2026-b7427db462)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b7427db462 advisory. Version 1.4.4 Dependencies - Update Composer to 2.9.8 ---- Version 1.4.3 - add output check for dnf permission denied thanks to @asgrim and @hackel - don't...
[SECURITY] Fedora 44 Update: pie-1.4.4-1.fc44
PIE PHP Installer for Extensions. PIE can install an extension to any installed PHP version. A list of extensions that support PIE can be found on https://packagist.org/extensions. Documentation: /usr/share/doc/pie/docs/usage.md...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: prevent dismantle issue For some reason, the fqpieDestroy function did not copy the working code from pieDestroy and other related functions, thereby causing a bug. Before calling deltimersync&q-adapttimer, we...
Malicious code in @piewasm/pie-web-npm-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c0784e4ad568cf85bee3ae36dde67ba090887b3f18f501a518cb24911fb7be29 The OpenSSF Package Analysis project identified '@piewasm/pie-web-npm-package' @ 99.9.1 npm as malicious. It is considered malicious because: -...
MAL-2026-4172 Malicious code in @piewasm/pie-web-npm-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c0784e4ad568cf85bee3ae36dde67ba090887b3f18f501a518cb24911fb7be29 The OpenSSF Package Analysis project identified '@piewasm/pie-web-npm-package' @ 99.9.1 npm as malicious. It is considered malicious because: -...
CVE-2026-4304 WeePie Cookie Allow <= 3.4.11 - Unauthenticated SQL Injection via 'consent' Parameter
The WeePie Cookie Allow plugin for WordPress is vulnerable to SQL Injection via the 'consent' parameter in all versions up to, and including, 3.4.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
PT-2026-37045
The WeePie Cookie Allow plugin for WordPress is vulnerable to SQL Injection via the 'consent' parameter in all versions up to, and including, 3.4.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
[SECURITY] Fedora 44 Update: pie-1.4.1-1.fc44
PIE PHP Installer for Extensions. PIE can install an extension to any installed PHP version. A list of extensions that support PIE can be found on https://packagist.org/extensions. Documentation: /usr/share/doc/pie/docs/usage.md...
Fedora 44 : pie (2026-7acc0ad1fc)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7acc0ad1fc advisory. Version 1.4.1 - Update bundled Composer to 2.9.7 ---- Version 1.4.0 New features! - Prompt to install missing system dependencies - Prompt to install build...
Fedora 43 : pie (2026-3f4283f831)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3f4283f831 advisory. Version 1.4.1 - Update bundled Composer to 2.9.7 ---- Version 1.4.0 New features! - Prompt to install missing system dependencies - Prompt to install build...
CVE-2026-3571
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...
EUVD-2026-18965
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...
CVE-2026-3571
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...
CVE-2026-3571 Pie Register – User Registration, Profiles & Content Restriction <= 3.8.4.8 - Missing Authorization to Unauthenticated Registration Form Status Modification
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...
CVE-2026-3571
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...