Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction

Information

Software Type Plugin
Software Slug pie-register (view on wordpress.org)
Software Status Active
Software Author pieregister
Software Website pieregister.com
Software Downloads 565,928
Software Active Installs 3,000
Software Record Last Updated May 19, 2024

17 Vulnerabilities

Pie Register <= 3.8.2.2 - Open Redirect
6.1
CVE-2023-0552
Feb 6, 2023
Researcher: Omar Amin
Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments <= 3.7.2.3 - Open Redirect
6.1
CVE ID Unknown
Oct 21, 2021
Researcher: WPScanTeam
Pie Register – User Registration Forms <= 3.7.0.0 - Reflected Cross-Site Scripting
6.1
CVE-2021-24239
Apr 3, 2021
Researcher: iohex
Pie Register – User Registration Forms < 2.0.19 - Reflected Cross-Site Scripting
6.1
CVE-2015-7377
Oct 12, 2015
Researcher: David Moore
Pie Register <= 1.30 - Multiple Cross-Site Scripting
6.1
CVE-2013-4954
Aug 1, 2014
Researchers:
Pie Register – User Registration Forms < 2.0.19 - Authenticated SQL Injection
6.3
CVE-2015-7682
Oct 12, 2015
Researcher: David Moore
Pie Register <= 3.8.1.2 - Missing Authorization to Arbitrary User Deletion
6.5
CVE-2022-4024
Nov 28, 2022
Researcher: cydave
Pie Register < 3.0.18 - Unauthenticated Cross-Site Scripting
7.1
CVE ID Unknown
Oct 24, 2018
Researcher: Alvaro J. Gene
Pie Register < 2.0.15 - Cross-Site Scripting
7.1
CVE ID Unknown
Mar 9, 2015
Researcher: TUNISIAN CYBER
Pie Register <= 2.0.13 - Missing Authorization
7.3
CVE-2014-8802
Jan 17, 2015
Researcher: Kacper Szurek
Pie Register <= 3.7.1.5 - Authentication Bypass
8.1
CVE-2021-24647
Oct 11, 2021
Researcher: AyeCode Ltd
Pie Register <= 3.8.3.1 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-27957
Mar 13, 2024
Researcher: Rafie Muhammad
Pie Register <= 3.7.1.5 - Unauthenticated SQL Injection
9.8
CVE-2021-24731
Oct 11, 2021
Researcher: AyeCode Ltd
Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments < 3.1.2 - SQL Injection
9.8
CVE-2019-15659
Jul 3, 2019
Researchers:
Pie Register <= 3.0.9 - SQL Injection
9.8
CVE-2018-10969
Jun 12, 2018
Researcher: Manuel Garcia Cardenas
Pie Register 2.0.14-2.0.15 - SQL Injection
9.8
CVE ID Unknown
May 4, 2015
Researcher: James Hooker
Registration Forms – User Profile, Custom Registration Form, Login Form, Invitation-Based Registrations for WordPress 2.0.14 - 2.0.15 - Authentication Bypass
9.8
CVE ID Unknown
May 4, 2015
Researcher: James Hooker
Title Status CVE ID CVSS Researchers Date
Pie Register <= 3.8.2.2 - Open Redirect Patched CVE-2023-0552 6.1 Omar Amin February 6, 2023
Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments <= 3.7.2.3 - Open Redirect Patched 6.1 WPScanTeam October 21, 2021
Pie Register – User Registration Forms <= 3.7.0.0 - Reflected Cross-Site Scripting Patched CVE-2021-24239 6.1 iohex April 3, 2021
Pie Register – User Registration Forms < 2.0.19 - Reflected Cross-Site Scripting Patched CVE-2015-7377 6.1 David Moore October 12, 2015
Pie Register <= 1.30 - Multiple Cross-Site Scripting Patched CVE-2013-4954 6.1 August 1, 2014
Pie Register – User Registration Forms < 2.0.19 - Authenticated SQL Injection Patched CVE-2015-7682 6.3 David Moore October 12, 2015
Pie Register <= 3.8.1.2 - Missing Authorization to Arbitrary User Deletion Patched CVE-2022-4024 6.5 cydave November 28, 2022
Pie Register < 3.0.18 - Unauthenticated Cross-Site Scripting Patched 7.1 Alvaro J. Gene October 24, 2018
Pie Register < 2.0.15 - Cross-Site Scripting Patched 7.1 TUNISIAN CYBER March 9, 2015
Pie Register <= 2.0.13 - Missing Authorization Patched CVE-2014-8802 7.3 Kacper Szurek January 17, 2015
Pie Register <= 3.7.1.5 - Authentication Bypass Patched CVE-2021-24647 8.1 AyeCode Ltd October 11, 2021
Pie Register <= 3.8.3.1 - Unauthenticated Arbitrary File Upload Unpatched CVE-2024-27957 9.8 Rafie Muhammad March 13, 2024
Pie Register <= 3.7.1.5 - Unauthenticated SQL Injection Patched CVE-2021-24731 9.8 AyeCode Ltd October 11, 2021
Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments < 3.1.2 - SQL Injection Patched CVE-2019-15659 9.8 July 3, 2019
Pie Register <= 3.0.9 - SQL Injection Patched CVE-2018-10969 9.8 Manuel Garcia Cardenas June 12, 2018
Pie Register 2.0.14-2.0.15 - SQL Injection Patched 9.8 James Hooker May 4, 2015
Registration Forms – User Profile, Custom Registration Form, Login Form, Invitation-Based Registrations for WordPress 2.0.14 - 2.0.15 - Authentication Bypass Patched 9.8 James Hooker May 4, 2015

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation