CVE-2026-3571

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...

CVE-2026-3571

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...

PT-2026-30303

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pie main function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacke...

CVE-2026-24577 WordPress Pie Register plugin <= 3.8.4.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Genetech Products Pie Register pie-register allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pie Register: from n/a through = 3.8.4.8...

EUVD-2014-8632

Malware in sbrugna...

EUVD-2015-7584

Malware in sbrugna...

EUVD-2019-6609

Malware in sbrugna...

EUVD-2015-7301

Malware in sbrugna...

Exploit for CVE-2025-34077

CVE-2025-34077 Unauthenticated Admin Session Hijack - Pie Regist...

CVE-2025-34077

Summary (CVE-2025-34077) : The WordPress Pie Register plugin (versions ≤ 3.7.1.4) contains an authentication bypass that allows unauthenticated attackers to impersonate any user by sending a crafted POST to the login endpoint, using social_site=true and manipulating user_id_social_site to generat...

EUVD-2025-20764

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting socialsite=true and manipulating the useridsocialsite parameter,...

CVE-2025-34077 WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting socialsite=true and manipulating the useridsocialsite parameter,...

CVE-2019-15659

The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969...

WordPress Pie Register plugin <= 3.8.4 - Sensitive Information Exposure via Log Files vulnerability

Sensitive Information Exposure via Log Files vulnerability discovered by wesley wcraft in WordPress Plugin Pie Register versions = 3.8.4...

WordPress plugin Pie Register 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Pie Register Plugin < 3.8.1.3 is vulnerable to Arbitrary Content Deletion

Software Pie Register Type Plugin Vulnerable versions 3.8.1.3 Fixed in 3.8.1.3 OWASP Top 10 A1: Injection Classification Arbitrary Content Deletion CVE CVE-2022-4024 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 837f46e8cf1c Credits cydave Required privilege...

CVE-2023-0552 Pie Register < 3.8.2.3 - Open Redirect

The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability...

Pie Register < 3.8.1.3 - Unauthenticated Arbitrary User Deletion

The plugin does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users along with their posts PoC Invoke the following curl command to delete the user user id 2 curl https://example.com/wp-admin/admin-ajax.php...

WordPress 插件授权问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress Pie Register plugin prior to version 3.7.1.6, whi...

Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login

The plugin has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username /pie-register-login/ is the login page of the plugin, ie the one with pieregisterlogin v 3.7.1.5 POST /pie-register-login/ HTTP/1....