WordPress Plugin Vulnerabilities

Pie-Register <= 2.0.18 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Description

The Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
pie-register
Fixed in 2.0.19

References

CVE
CVE-2015-7377
URL
https://www.securityfocus.com/archive/1/536668
URL
https://github.com/GTSolutions/Pie-Register

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
6588a392-1bfa-4699-ae82-ffd22a0eac61

Timeline

Publicly Published
2015-10-12 (about 10 years ago)
Added
2015-10-12 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2025-02-20
Title
WP Click Info <= 2.7.4 - Reflected XSS
Published
2024-03-27
Title
Elementor Addon Elements < 1.13.3 - Contributor+ DOM-Based Stored XSS
Published
2023-03-30
Title
WPMobile.App < 11.21 - Admin+ Stored XSS
Published
2024-03-19
Title
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates < 4.5.4 - Contributor+ Stored XSS
Published
2024-03-25
Title
Essential Addons for Elementor < 5.9.12 - Contributor+ Stored XSS