Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction 3.8.3.1

  • Severity: critical
  • Status: Open
  • Publication: March 13, 2024

The Pie Register plugin for WordPress has a security issue that allows unauthorized users to upload any type of file on the website’s server. This could potentially lead to hackers being able to execute code remotely. This vulnerability occurs when the ‘Anyone can register’ option is turned on and the ‘Upload File’ field is added to the registration form.

Detected in:

Pie Register – User Registration, Profiles & Content Restriction fixed vulnerable versions:
Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction open vulnerable versions: >= * <= 3.8.3.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.