ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Pie Register Plugin - Multiple Cross Site Scripting Vulnerabilities

Product
Pie Register
Description
Pie Register plugin's "wp-login.php" is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities allow an attacker to use arbitrary script code in the browser of an user in the context of the affected site. In that way an attacker can steal cookie-based authentication credentials and launch other attacks.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Exploit-DB
CVE
Name CVE-2013-4954
Versions
Affected In <= 1.30
Fixed In 1.31
Disclosure date
2013-07-12
Credits
gravitylover