CVE-2026-3571

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...

CVE-2026-3571

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...

PT-2026-30303

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pie main function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacke...

WordPress login_register plugin <= 1.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin loginregister versions = 1.2.0...

CVE-2026-1503

The loginregister plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 1.2.0. This is due to missing nonce validation on the settings page and insufficient input sanitization and output escaping on the...

PT-2026-26811

The login register plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 1.2.0. This is due to missing nonce validation on the settings page and insufficient input sanitization and output escaping on the 'login regist...

CVE-2026-24577 WordPress Pie Register plugin <= 3.8.4.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Genetech Products Pie Register pie-register allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pie Register: from n/a through = 3.8.4.8...

WordPress WP Front-end login and register plugin <= 2.1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Yamil in WordPress Plugin WP Front-end login and register versions = 2.1.0...

CVE-2025-68974 WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...

CVE-2025-14440

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...

WordPress Nextend Social Login and Register plugin cross-site request forgery vulnerability

WordPress Nextend Social Login and Register plugin is a free WordPress plugin designed to simplify the registration and login process for website users. A cross-site request forgery vulnerability exists in the WordPress Nextend Social Login and Register plugin, which arises from a web application...

EUVD-2014-8632

Malware in sbrugna...

EUVD-2015-7584

Malware in sbrugna...

EUVD-2019-6609

Malware in sbrugna...

EUVD-2015-7301

Malware in sbrugna...

WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by dutafi in WordPress Plugin WordPress Social Login and Register versions = 7.7.0...

Exploit for CVE-2025-34077

CVE-2025-34077 Unauthenticated Admin Session Hijack - Pie Regist...

CVE-2025-34077

Summary (CVE-2025-34077) : The WordPress Pie Register plugin (versions ≤ 3.7.1.4) contains an authentication bypass that allows unauthenticated attackers to impersonate any user by sending a crafted POST to the login endpoint, using social_site=true and manipulating user_id_social_site to generat...

EUVD-2025-20764

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting socialsite=true and manipulating the useridsocialsite parameter,...

CVE-2025-34077 WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting socialsite=true and manipulating the useridsocialsite parameter,...