Cross-Site Scripting Vulnerability in Pie Register Plugin for WordPress
CVE-2015-7377

Currently unrated

Key Information:

Vendor

Wordpress
Status
Pie Register
Vendor
CVE Published:
16 October 2015

What is CVE-2015-7377?

The Pie Register plugin for WordPress contains a cross-site scripting (XSS) vulnerability in the pie-register.php file. This flaw allows remote attackers to inject arbitrary web scripts or HTML into the application through the invitation_code parameter on a pie-register page. As a result, users could be tricked into executing malicious scripts, potentially compromising their accounts or sensitive information when they visit the affected page.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/133928/WordPress-Pie...
x_refsource_MISC
http://www.securityfocus.com/archive/1/536668/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://github.com/GTSolutions/Pie-Register/blob/2.0.19/r...
x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.