5 vulnerabilities by genetechproducts
CVE-2025-12528 (GCVE-0-2025-12528)
Vulnerability from cvelistv5 – Published: 2025-11-18 08:27 – Updated: 2025-11-18 16:03
Summary
The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the format_classic function. This is due to insufficient file type validation where the validate_classic method validates file extensions and sets error messages but does not prevent the file upload process from continuing. This makes it possible for unauthenticated attackers to upload files with dangerous extensions such as PHP, which makes remote code execution possible. In order to exploit this vulnerability, the attacker needs to guess the directory in which the file is placed (which is a somewhat predictable hash). In addition to that, the file name is generated using a secure hash method, limiting the exploitability of this vulnerability.
Severity
8.1 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Impacted products
| Vendor | Product | Version |
|---|---|---|
| genetechproducts | Pie Forms — Drag & Drop Form Builder | Affected: * , ≤ 1.6 (semver) |
Credits
Le Viet Anh
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T16:03:23.530780Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T16:03:31.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Pie Forms \u2014 Drag \u0026 Drop Form Builder",
"vendor": "genetechproducts",
"versions": [
{
"lessThanOrEqual": "1.6",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Le Viet Anh"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the format_classic function. This is due to insufficient file type validation where the validate_classic method validates file extensions and sets error messages but does not prevent the file upload process from continuing. This makes it possible for unauthenticated attackers to upload files with dangerous extensions such as PHP, which makes remote code execution possible. In order to exploit this vulnerability, the attacker needs to guess the directory in which the file is placed (which is a somewhat predictable hash). In addition to that, the file name is generated using a secure hash method, limiting the exploitability of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T08:27:31.375Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4941a0ce-67f1-430d-bbad-3c97a4ed449e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/pie-forms-for-wp/tags/1.6/includes/fields/fileupload.php#L331"
},
{
"url": "https://plugins.trac.wordpress.org/browser/pie-forms-for-wp/tags/1.6/includes/fields/fileupload.php#L475"
},
{
"url": "https://plugins.trac.wordpress.org/browser/pie-forms-for-wp/tags/1.6/includes/fields/fileupload.php#L18"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-17T20:08:34.000+00:00",
"value": "Disclosed"
}
],
"title": "Pie Forms for WP \u003c= 1.6 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12528",
"datePublished": "2025-11-18T08:27:31.375Z",
"dateReserved": "2025-10-30T17:43:52.699Z",
"dateUpdated": "2025-11-18T16:03:31.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13818 (GCVE-0-2024-13818)
Vulnerability from cvelistv5 – Published: 2025-02-21 03:21 – Updated: 2025-02-21 21:28
Summary
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3.9 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information about users contained in the exposed log files.
Severity
5.3 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Impacted products
| Vendor | Product | Version |
|---|---|---|
| genetechproducts | Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction | Affected: * , ≤ 3.8.3.9 (semver) |
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-21T15:46:36.033182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T21:28:18.290Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Registration Forms \u2013 User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form \u0026 Content Restriction",
"vendor": "genetechproducts",
"versions": [
{
"lessThanOrEqual": "3.8.3.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Registration Forms \u2013 User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form \u0026 Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3.9 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information about users contained in the exposed log files."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T03:21:20.724Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/768730c1-a70e-432d-a234-4ce2b8aec424?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/pie-register/trunk/classes/base_variables.php#L68"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-20T15:01:12.000+00:00",
"value": "Disclosed"
}
],
"title": "Registration Forms \u2013 User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form \u0026 Content Restriction \u003c= 3.8.3.9 - Sensitive Information Exposure via Log Files"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13818",
"datePublished": "2025-02-21T03:21:20.724Z",
"dateReserved": "2025-01-31T17:45:58.920Z",
"dateUpdated": "2025-02-21T21:28:18.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11436 (GCVE-0-2024-11436)
Vulnerability from cvelistv5 – Published: 2024-12-07 01:45 – Updated: 2024-12-09 16:23
Summary
The Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.4.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Impacted products
| Vendor | Product | Version |
|---|---|---|
| genetechproducts | Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! | Affected: * , ≤ 1.4.19 (semver) |
Credits
Colin Xu
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T16:23:05.466576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T16:23:16.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Drag \u0026 Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications \u0026 more!",
"vendor": "genetechproducts",
"versions": [
{
"lessThanOrEqual": "1.4.19",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Colin Xu"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Drag \u0026 Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications \u0026 more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u0027page\u0027 parameter in all versions up to, and including, 1.4.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-07T01:45:48.433Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/125a1d8d-8cd9-439c-b765-198ad369f987?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3202800/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-06T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Drag \u0026 Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications \u0026 more! \u003c= 1.4.19 - Reflected Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-11436",
"datePublished": "2024-12-07T01:45:48.433Z",
"dateReserved": "2024-11-19T16:21:09.193Z",
"dateUpdated": "2024-12-09T16:23:16.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6579 (GCVE-0-2024-6579)
Vulnerability from cvelistv5 – Published: 2024-07-16 09:32 – Updated: 2024-08-01 21:41
Summary
The Web and WooCommerce Addons for WPBakery Builder plugin for WordPress is vulnerable to unauthorized plugin settings modification due to a missing capability check on several plugin functions in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change some of the plugin settings.
Severity
4.3 (Medium)
Impacted products
| Vendor | Product | Version |
|---|---|---|
| genetechproducts | Web and WooCommerce Addons for WPBakery Builder | Affected: * , ≤ 1.4.5 (semver) |
Credits
Lucio Sá
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T13:11:40.682141Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T13:11:50.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:41:04.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/746b77c9-64f8-43e8-9c2a-ce6bc35fd24c?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/vc-addons-by-bit14/tags/1.4.5/bit14-vc-addons.php#L102"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/vc-addons-by-bit14/tags/1.4.5/bit14-vc-addons.php#L114"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/vc-addons-by-bit14/tags/1.4.5/bit14-vc-addons.php#L125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Web and WooCommerce Addons for WPBakery Builder",
"vendor": "genetechproducts",
"versions": [
{
"lessThanOrEqual": "1.4.5",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucio S\u00e1"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Web and WooCommerce Addons for WPBakery Builder plugin for WordPress is vulnerable to unauthorized plugin settings modification due to a missing capability check on several plugin functions in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change some of the plugin settings."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-862 Missing Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T09:32:12.232Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/746b77c9-64f8-43e8-9c2a-ce6bc35fd24c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/vc-addons-by-bit14/tags/1.4.5/bit14-vc-addons.php#L102"
},
{
"url": "https://plugins.trac.wordpress.org/browser/vc-addons-by-bit14/tags/1.4.5/bit14-vc-addons.php#L114"
},
{
"url": "https://plugins.trac.wordpress.org/browser/vc-addons-by-bit14/tags/1.4.5/bit14-vc-addons.php#L125"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-26T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2024-07-15T21:28:57.000+00:00",
"value": "Disclosed"
}
],
"title": "Web and WooCommerce Addons for WPBakery Builder \u003c= 1.4.5 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-6579",
"datePublished": "2024-07-16T09:32:12.232Z",
"dateReserved": "2024-07-08T18:47:30.834Z",
"dateUpdated": "2024-08-01T21:41:04.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6069 (GCVE-0-2024-6069)
Vulnerability from cvelistv5 – Published: 2024-07-09 08:33 – Updated: 2024-08-01 21:25
Summary
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation/deactivation due to missing capability checks on the pieregister_install_addon, pieregister_activate_addon and pieregister_deactivate_addon functions in all versions up to, and including, 3.8.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install, activate and deactivate arbitrary plugins. As a result, attackers might achieve code execution on the targeted server.
Severity
8.8 (High)
Impacted products
| Vendor | Product | Version |
|---|---|---|
| genetechproducts | Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction | Affected: * , ≤ 3.8.3.4 (semver) |
Credits
Lucio Sá
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:genetech_products:registration_forms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "registration_forms",
"vendor": "genetech_products",
"versions": [
{
"lessThanOrEqual": "3.8.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:genetech_products:user_registration_forms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "user_registration_forms",
"vendor": "genetech_products",
"versions": [
{
"lessThanOrEqual": "3.8.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:genetech_products:front_end_user_profile_login_form:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "front_end_user_profile_login_form",
"vendor": "genetech_products",
"versions": [
{
"lessThanOrEqual": "3.8.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:genetech_products:invitation_based_registrations:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "invitation_based_registrations",
"vendor": "genetech_products",
"versions": [
{
"lessThanOrEqual": "3.8.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:genetech_products:content_registration:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "content_registration",
"vendor": "genetech_products",
"versions": [
{
"lessThanOrEqual": "3.8.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6069",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T14:02:56.534262Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T14:28:07.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:25:03.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b946ee73-4cf9-48c8-b456-285b118c6b05?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/pie-register/tags/3.8.3.4/pie-register.php#L794"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/pie-register/tags/3.8.3.4/pie-register.php#L727"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/pie-register/tags/3.8.3.4/pie-register.php#L761"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Registration Forms \u2013 User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form \u0026 Content Restriction",
"vendor": "genetechproducts",
"versions": [
{
"lessThanOrEqual": "3.8.3.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucio S\u00e1"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Registration Forms \u2013 User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form \u0026 Content Restriction plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation/deactivation due to missing capability checks on the pieregister_install_addon, pieregister_activate_addon and pieregister_deactivate_addon functions in all versions up to, and including, 3.8.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install, activate and deactivate arbitrary plugins. As a result attackers might achieve code execution on the targeted server"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-862 Missing Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T08:33:11.030Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b946ee73-4cf9-48c8-b456-285b118c6b05?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/pie-register/tags/3.8.3.4/pie-register.php#L794"
},
{
"url": "https://plugins.trac.wordpress.org/browser/pie-register/tags/3.8.3.4/pie-register.php#L727"
},
{
"url": "https://plugins.trac.wordpress.org/browser/pie-register/tags/3.8.3.4/pie-register.php#L761"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-30T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2024-07-08T19:39:26.000+00:00",
"value": "Disclosed"
}
],
"title": "Pie Register - Basic \u003c= 3.8.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation and Activation/Deactivation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-6069",
"datePublished": "2024-07-09T08:33:11.030Z",
"dateReserved": "2024-06-17T14:06:13.932Z",
"dateUpdated": "2024-08-01T21:25:03.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}