- Mar 6, 2023
- 1 min read

[WordPress Pie Register Plugin](versions 3.8.1.2 and older) Vulnerability

[WordPress Pie Register Plugin](versions 3.8.1.2 and older) Vulnerability to Arbitrary User Deletion

Importance (CVSS3.0)

★★★★★★★★☆☆ 8.2 / 10 - High

Details

A SQL Injection vulnerability was discovered in WordPress Pie Register Plugin.

This vulnerability allows malicious attackers to delete arbitrary users and along with their posts when deleting users via an init action handler because this plugin doesn’t have authorisation and CSRF.

Solutions

Update WordPress Pie Register Plugin to the newest version (3.8.1.3 and newer)

Source

CVE-2022-4024

Vulnerability details

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress Pie Register Plugin](versions 3.8.1.2 and older) Vulnerability to Arbitrary User Deletion”, by WS Security is licensed under CC BY 4.0.

Enterprise
Server Infrastructure
Management

Posts

[WordPress Pie Register Plugin](versions 3.8.1.2 and older) Vulnerability

[WordPress Pie Register Plugin](versions 3.8.1.2 and older) Vulnerability to Arbitrary User Deletion

Recent Posts

Beyond GTA Inc.

Services

Policies

Beyond GTA Inc.
7030 Woodbine Ave., Markham, ON, L3R 6G2, Canada

Copyright 2021 Beyond GTA Inc.