cbcvebase.
CVE-2014-8802
published 2015-01-23

CVE-2014-8802: The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers…

PriorityP341medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
7.80%
93.9th percentile
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.

Affected

1 ranges
VendorProductVersion rangeFixed in
genetechsolutionspie_register<= 2.0.13
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.