Cross-Site Scripting Vulnerability in Pie Register Plugin for WordPress
CVE-2015-7377

Currently unrated

Key Information:

Vendor: Wordpress
Status: Pie Register
Vendor: CVE Published:; 16 October 2015

What is CVE-2015-7377?

The Pie Register plugin for WordPress contains a cross-site scripting (XSS) vulnerability in the pie-register.php file. This flaw allows remote attackers to inject arbitrary web scripts or HTML into the application through the invitation_code parameter on a pie-register page. As a result, users could be tricked into executing malicious scripts, potentially compromising their accounts or sensitive information when they visit the affected page.

References

http://packetstormsecurity.com/files/133928/WordPress-Pie...

x_refsource_MISC

http://www.securityfocus.com/archive/1/536668/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://github.com/GTSolutions/Pie-Register/blob/2.0.19/r...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2015
Vulnerability Reserved
Sep 25, 2015

CVE-2015-7377 Data

JSON

Wordpress

What is CVE-2015-7377?

References

Timeline