Vulnerabilities and security researches forpie-register pie-register

Direction: ascending

Jun 07, 2024

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2015-7682

CVE, Research URL: CVE-2015-7682
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Oct 17, 2015
Research Description: Multiple SQL injection vulnerabilities in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allow remote administrators to execute arbitrary SQL commands via the (1) select_invitaion_code_bulk_option or (2) invi_del_id parameter in the pie-invitation-codes page to wp-admin/admin.php.
Affected versions: max 2.0.19.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2015-7377

CVE, Research URL: CVE-2015-7377
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Oct 17, 2015
Research Description: Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URI.
Affected versions: max 2.0.19.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2019-15659

CVE, Research URL: CVE-2019-15659
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Aug 27, 2019
Research Description: The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969.
Affected versions: max 3.1.2.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2021-24647

CVE, Research URL: CVE-2021-24647
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Nov 08, 2021
Research Description: The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username
Affected versions: max 3.7.1.6.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2021-24731

CVE, Research URL: CVE-2021-24731
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Nov 08, 2021
Research Description: The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection.
Affected versions: max 3.7.1.6.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2021-24239

CVE, Research URL: CVE-2021-24239
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Apr 23, 2021
Research Description: The Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments WordPress plugin before 3.7.0.1 does not sanitise the invitaion_code GET parameter when outputting it in the Activation Code page, leading to a reflected Cross-Site Scripting issue.
Affected versions: max 3.7.0.1.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2013-4954

CVE, Research URL: CVE-2013-4954
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Jul 30, 2013
Research Description: Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin before 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pass1 or (2) pass2 parameter in a register action. NOTE: some of these details are obtained from third party information.
Affected versions: max 2.0.16.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2018-10969

CVE, Research URL: CVE-2018-10969
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Jun 17, 2018
Research Description: SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.
Affected versions: max 3.0.10.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2014-8802

CVE, Research URL: CVE-2014-8802
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Jan 23, 2015
Research Description: The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.
Affected versions: max 2.0.14.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2022-4024

CVE, Research URL: CVE-2022-4024
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Dec 19, 2022
Research Description: The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts)
Affected versions: Min 2.0.14, max 2.0.15.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2023-0552

CVE, Research URL: CVE-2023-0552
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Feb 27, 2023
Research Description: The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability
Affected versions: max 2.0.15.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-4544

CVE, Research URL: CVE-2024-4544
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: May 24, 2024
Research Description: The Pie Register - Social Sites Login (Add on) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.7. This is due to insufficient verification on the user being supplied during a social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.
Affected versions: max 1.7.8.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-27957

CVE, Research URL: CVE-2024-27957
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Mar 17, 2024
Research Description: Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register.This issue affects Pie Register: from n/a through 3.8.3.1.
Affected versions: max 3.8.3.3.
Status: vulnerable

Jul 10, 2024

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-6069

CVE, Research URL: CVE-2024-6069
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Jul 09, 2024
Research Description: The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation/deactivation due to missing capability checks on the pieregister_install_addon, pieregister_activate_addon and pieregister_deactivate_addon functions in all versions up to, and including, 3.8.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install, activate and deactivate arbitrary plugins. As a result attackers might achieve code execution on the targeted server
Affected versions: max 3.8.3.5.
Status: vulnerable

Feb 23, 2025

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-13818

CVE, Research URL: CVE-2024-13818
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Feb 21, 2025
Research Description: The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3.9 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information about users contained in the exposed log files.
Affected versions: max 3.8.4.1.
Status: vulnerable

Jul 12, 2025

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2025-34077

CVE, Research URL: CVE-2025-34077
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Jul 09, 2025
Research Description: An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameter, an attacker can generate a valid WordPress session cookie for any user ID, including administrators. Once authenticated, the attacker may exploit plugin upload functionality to install a malicious plugin containing arbitrary PHP code, resulting in remote code execution on the underlying server.
Affected versions: max 3.7.1.4.
Status: vulnerable

Jan 27, 2026

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2026-24577

CVE, Research URL: CVE-2026-24577
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Date: Jan 23, 2026
Research Description: Missing Authorization vulnerability in Genetech Products Pie Register pie-register allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pie Register: from n/a through <= 3.8.4.7.
Affected versions: max 3.8.4.7.
Status: vulnerable

Vulnerabilities and security researches forpie-register pie-register

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2015-7682

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2015-7377

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2019-15659

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2021-24647

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2021-24731

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2021-24239

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2013-4954

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2018-10969

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2014-8802

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2022-4024

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2023-0552

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2024-4544

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2024-27957

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2024-6069

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2024-13818

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2025-34077

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten # CVE-2026-24577

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2015-7682

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2015-7377

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2019-15659

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2021-24647

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2021-24731

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2021-24239

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2013-4954

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2018-10969

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2014-8802

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2022-4024

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2023-0552

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-4544

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-27957

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-6069

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2024-13818

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2025-34077

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten # CVE-2026-24577