CVE-2014-8802 in Genetechsolutions Pie Registerinfo

Summary

The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.

Reservation

11/13/2014

Disclosure

01/23/2015

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
73749	Genetechsolutions Pie Register User Account pie-register.php access control	264	Proof-of-Concept	Official fix	CVE-2014-8802

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!