Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten, f30f77bd-2e6e-45cd-ac02-c9d3985844da

CVE, Research URL: f30f77bd-2e6e-45cd-ac02-c9d3985844da
Home page URL: Security reports for Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Application: Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten
Published on: -
Research Description: Pie Register – User Registration, Profiles & Content Restriction [pie-register] < 2.0.16 Pie Register 2.0.14-2.0.15 - Privilege Escalation User input is not validated correctly when accepting a login request via the Pie Register plugin. It is possible to manipulate posted variables in order to login using an arbitrary User ID (such as 1, for the default Administrative account).
Affected versions: max 2.0.16.
Status: vulnerable

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form &amp; Conten, f30f77bd-2e6e-45cd-ac02-c9d3985844da