Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction Multiple Vulnerabilities - CVE-2015-7682 - Vulnerability Database
WP Plugin Pie Register

WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction Multiple Vulnerabilities - CVE-2015-7682

Medium
Reference: CVE-2015-7682
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-7682
Title: WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction Multiple Vulnerabilities
Overview:

WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction is prone to multiple vulnerabilities including cross-site scripting and SQL injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site to steal cookie-based authentication credentials to compromise the application access or modify data or to exploit vulnerabilities in the underlying database. WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction version 2.0.18 is vulnerable prior versions may also be affected.