Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten, f0b9e57d-e319-415d-8333-48586c111108

CVE, Research URL: f0b9e57d-e319-415d-8333-48586c111108
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Published on: -
Research Description: Pie Register – User Registration, Profiles & Content Restriction [pie-register] < 2.0.16 Pie Register 2.0.14-2.0.15 - SQL Injection User input is not validated correctly when accepting an Invitation Code, as such an SQL Injection attack is possible. This attack is triggered when the parameters ‘show_dash_widget’ and ‘invitaion_code’ are provided to any page, by any user (anonymous or otherwise).
Affected versions: max 2.0.16.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten, f0b9e57d-e319-415d-8333-48586c111108