cleantalk
Vulnerabilities and Security Researches

Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Conten, f6788a0ab7bb01a74bea16f0dcd22ec268db8d0d

Published on
May 04, 2015
Research Description
Pie Register – User Registration, Profiles & Content Restriction [pie-register] >= 2.0.14 - <= 2.0.15

Registration Forms – User Profile, Custom Registration Form, Login Form, Invitation-Based Registrations for WordPress 2.0.14 - 2.0.15 - Authentication Bypass

The Registration Forms – User Profile, Custom Registration Form, Login Form, Invitation-Based Registrations plugin for WordPress is vulnerable to authentication bypass in versions 2.0.14 - 2.0.15. This is due to a lack of validation of user input in a login request to the plugin. This makes it possible for unauthenticated attackers to authenticate as an administrator when supplying a site administrator's user ID.
Affected versions
Min 2.0.14, max 2.0.15.
Status
vulnerable