CVE-2025-34077

EPSS 9.9%
Veröffentlicht 09.07.2025 00:49:28
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE

Pie Register <= 3.7.1.4 - Authentication Bypass

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameter, an attacker can generate a valid WordPress session cookie for any user ID, including administrators. Once authenticated, the attacker may exploit plugin upload functionality to install a malicious plugin containing arbitrary PHP code, resulting in remote code execution on the underlying server.

Mögliche Gegenmaßnahme

Pie Register – User Registration, Profiles & Content Restriction: Update to version 3.7.1.5, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 3 Referenzen 10

CNA 1 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerGenetech Solutions

≫

Produkt WordPress Pie Register Plugin

Default Statusunaffected

Version <= 3.7.1.4

Version 0

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt Pie Register – User Registration, Profiles & Content Restriction

Version *-3.7.1.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	9.9%	0.95

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	10	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://pieregister.com/

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_pie_register_bypass_rce.rb

https://www.exploit-db.com/exploits/50395

https://github.com/GTSolutions/Pie-Register

https://wordpress.org/plugins/pie-register/

https://vulncheck.com/advisories/wordpress-pie-register-plugin-rce

https://www.wordfence.com/threat-intel/vulnerabilities/id/819b9565-2eb1-4b87-bf3a-5cd93429cafe

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-34077

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-34077

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-34077

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-34077