WordPress Plugin Vulnerabilities

Pie-Register <= 2.0.18 - Authenticated Blind SQL Injection

Description

The Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability.

Affects Plugins

Plugin icon
pie-register
Fixed in 2.0.19

References

CVE
CVE-2015-7682
URL
https://packetstormsecurity.com/files/#133929/
URL
https://www.securityfocus.com/archive/1/536669
URL
https://github.com/GTSolutions/Pie-Register

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
d38db297-0e1f-44a8-86f0-2349a2017342

Timeline

Publicly Published
2015-10-12 (about 10 years ago)
Added
2015-10-12 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2025-10-28
Title
Thumbnail Slider With Lightbox < 1.0.5 - Authenticated (Admin+) SQL Injection
Published
2024-10-31
Title
Quran Shortcode <= 1.5 - Authenticated (Contributor+) SQL Injection
Published
2025-07-15
Title
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes < 1.5.0 - Authenticated (Subscriber+) SQL Injection
Published
2016-11-10
Title
Sirv <= 1.3.1 - Authenticated SQL Injection
Published
2025-05-16
Title
UberSlider < 2.6 - Authenticated (Contributor+) SQL Injection