Pie-Register <= 2.0.18 - Authenticated Blind SQL Injection

Affects Plugin

Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments

fixed in version 2.0.19

References

CVE	2015-7682
PacketStorm	133929
URL	https://www.securityfocus.com/archive/1/536669
URL	https://github.com/GTSolutions/Pie-Register

Classification

Type	SQLI
OWASP Top 10	A1: Injection
CWE	CWE-89

Miscellaneous

Submitter	ethicalhack3r
Submitter Website	https://dewhurstsecurity.com/
Submitter Twitter	ethicalhack3r
Views	5156
Verified	No
WPVDB ID	8213

Timeline

Publicly Published	2015-10-12 (over 4 years ago)
Added	2015-10-12 (over 4 years ago)
Last Updated	2019-10-31 (7 months ago)

Our Other Services

Online WordPress Vulnerability Scanner

WPScan WordPress Security Plugin