WordPress Pie Register plugin < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token vulnerability

Unauthenticated Email Verification Bypass via Predictable Token vulnerability discovered by Haitam Lazaar in WordPress Plugin Pie Register versions 3.8.4.10...

CVE-2026-10530

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox...

CVE-2026-10530 Pie Register < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox...

EUVD-2026-38210

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox...

CVE-2026-10530

The CVE-2026-10530 entry concerns the WordPress Pie Register plugin prior to 3.8.4.10, where account verification tokens are generated with insufficient randomness. This allows an unauthenticated attacker to predict a valid token and activate a user account without access to the associated email ...

CVE-2026-10530

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox...

CVE-2026-3571

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...

CVE-2026-3571

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the piemain function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacker...

PT-2026-30303

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pie main function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attacke...

WordPress login_register plugin <= 1.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin loginregister versions = 1.2.0...

CVE-2026-1503

The loginregister plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 1.2.0. This is due to missing nonce validation on the settings page and insufficient input sanitization and output escaping on the...

PT-2026-26811

The login register plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 1.2.0. This is due to missing nonce validation on the settings page and insufficient input sanitization and output escaping on the 'login regist...

CVE-2026-24577 WordPress Pie Register plugin <= 3.8.4.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Genetech Products Pie Register pie-register allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pie Register: from n/a through = 3.8.4.8...

WordPress WP Front-end login and register plugin <= 2.1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Yamil in WordPress Plugin WP Front-end login and register versions = 2.1.0...

CVE-2025-68974 WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...

CVE-2025-14440

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...

WordPress Nextend Social Login and Register plugin cross-site request forgery vulnerability

WordPress Nextend Social Login and Register plugin is a free WordPress plugin designed to simplify the registration and login process for website users. A cross-site request forgery vulnerability exists in the WordPress Nextend Social Login and Register plugin, which arises from a web application...

EUVD-2019-6609

Malware in sbrugna...

EUVD-2014-8632

Malware in sbrugna...

EUVD-2015-7301

Malware in sbrugna...