CVE-2019-15659
- EPSS 0.55%
- Veröffentlicht 27.08.2019 12:15:13
- Zuletzt bearbeitet 21.11.2024 04:29:13
The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969.
CVE-2019-1010207
- EPSS 0.35%
- Veröffentlicht 23.07.2019 14:15:13
- Zuletzt bearbeitet 21.11.2024 04:18:03
Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting (XSS). The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and supplied URL. The attack vector is: If a victim click...
CVE-2018-10969
- EPSS 18.73%
- Veröffentlicht 17.06.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:24
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.
CVE-2015-7682
- EPSS 0.36%
- Veröffentlicht 16.10.2015 20:59:15
- Zuletzt bearbeitet 12.04.2025 10:46:40
Multiple SQL injection vulnerabilities in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allow remote administrators to execute arbitrary SQL commands via the (1) select_invitaion_code_bulk_option or (2) invi_del...
CVE-2015-7377
- EPSS 5.83%
- Veröffentlicht 16.10.2015 20:59:14
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to...
- EPSS 7.98%
- Veröffentlicht 23.01.2015 15:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verif...