WordPress Plugin Vulnerabilities

Pie Register <= 2.0.13 - Privilege escalation

Description

The Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments WordPress plugin was affected by a Privilege escalation security vulnerability.

Affects Plugins

Plugin icon
pie-register
Fixed in 2.0.14

References

CVE
CVE-2014-8802
URL
https://security.szurek.pl/pie-register-2013-privilege-escalation.html

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287

Miscellaneous

Submitter
Kacper Szurek
Submitter website
http://security.szurek.pl
Submitter twitter
kacperszurek
Verified
No
WPVDB ID
9c9f66f2-ef80-4673-83a5-6e5a8e19012a

Timeline

Publicly Published
2015-01-17 (about 11 years ago)
Added
2015-01-17 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-11-21
Title
Construction Light < 1.6.8 - Subscriber+ Arbitrary Plugin Activation
Published
2015-03-31
Title
All in One SEO Pack < 2.2.6 - Information Disclosure
Published
2014-08-01
Title
portable-phpMyAdmin < 1.3.1 - Authentication Bypass
Published
2024-07-13
Title
Backup and Staging by WP Time Capsule < 1.22.21 - Authentication Bypass to Account Takeover
Published
2014-08-01
Title
WordPress 3.7.1 & 3.8 - Cleartext Admin Credentials Disclosure