Genetechsolutions : Security Vulnerabilities, CVEs, (Sql injection)
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection.
Max CVSS
9.8
EPSS Score
16.29%
Published
2021-11-08
Updated
2021-11-10
The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969.
Max CVSS
9.8
EPSS Score
0.15%
Published
2019-08-27
Updated
2019-08-28
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.
Max CVSS
9.8
EPSS Score
6.46%
Published
2018-06-17
Updated
2018-08-14
Multiple SQL injection vulnerabilities in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allow remote administrators to execute arbitrary SQL commands via the (1) select_invitaion_code_bulk_option or (2) invi_del_id parameter in the pie-invitation-codes page to wp-admin/admin.php.
Max CVSS
6.5
EPSS Score
0.23%
Published
2015-10-16
Updated
2018-10-09
4 vulnerabilities found