Genetechsolutions : Security Vulnerabilities, CVEs, (Sql injection)

CVE-2021-24731

The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection.
Max CVSS
9.8
EPSS Score
16.29%
Published
2021-11-08
Updated
2021-11-10

CVE-2019-15659

The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969.
Max CVSS
9.8
EPSS Score
0.15%
Published
2019-08-27
Updated
2019-08-28

CVE-2018-10969

SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.
Max CVSS
9.8
EPSS Score
6.46%
Published
2018-06-17
Updated
2018-08-14

CVE-2015-7682

Multiple SQL injection vulnerabilities in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allow remote administrators to execute arbitrary SQL commands via the (1) select_invitaion_code_bulk_option or (2) invi_del_id parameter in the pie-invitation-codes page to wp-admin/admin.php.
Max CVSS
6.5
EPSS Score
0.23%
Published
2015-10-16
Updated
2018-10-09
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close