CVE-2021-24647
published 2021-11-08CVE-2021-24647: The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in…
PriorityP179high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEVInitial access
Exploited in the wild
EPSS
8.38%
94.3th percentile
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| genetechsolutions | pie_register | < 3.7.1.6 | 3.7.1.6 |
Detection & IOCsextracted from sources · hover to see the quote
commandPOST /login/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded
social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1↗
- →Detect exploitation attempts by monitoring POST requests to /login/ containing the parameters 'social_site=true' and 'user_id_social_site=' — these are the key exploit parameters for unauthenticated arbitrary login. ↗
- →Fingerprint vulnerable installations by checking for the presence of 'pieregister' string in /wp-content/plugins/pie-register/readme.txt — used as a version/presence check in the exploit template. ↗
- →Confirm successful exploitation by checking if the response to /wp-admin/profile.php returns HTTP 200 and contains both 'Username' and 'email-description' — indicating the attacker is now authenticated. ↗
- →Reconnaissance step: unauthenticated GET to /wp-content/plugins/pie-register/readme.txt is used to confirm plugin presence before launching the exploit. ↗
- ·The exploit targets user_id_social_site=1 (typically the WordPress admin account). Attackers only need to know a valid user ID or username — no password is required. ↗
- ·The vulnerability exists in the social login implementation of the plugin. The flaw is present in versions before 3.1.7.6 (NVD) / 3.7.1.6 (WPScan/template) — note the version discrepancy between sources. ↗
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vulncheck8.1HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m4pp-cj4x-58f6: The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3
ghsa_unreviewed·2022-05-24
CVE-2021-24647 [HIGH] CWE-287 GHSA-m4pp-cj4x-58f6: The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username
VulnCheck
genetechsolutions pie_register Improper Authentication
vulncheck·2021·CVSS 8.1
CVE-2021-24647 [HIGH] genetechsolutions pie_register Improper Authentication
genetechsolutions pie_register Improper Authentication
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username
Affected: genetechsolutions pie_register
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://patchstack.com/database/vulnerability/pie-register/wordpress-pie-register-plugin-3-7-1-5-unauthenticated-arbitrary-login-vulnerability
Exploit PoC: https://vulncheck.com/xdb/66668f877c28
No detection rules found.
Nuclei
Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login
nuclei·CVSS 8.1
CVE-2021-24647 [HIGH] Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login
Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login
The Registration Forms User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username
Template:
id: CVE-2021-24647
info:
name: Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login
author: DhiyaneshDK
severity: high
description: |
The Registration Forms User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or user
No writeups or analysis indexed.
2021-11-08
Published
Exploited in the wild