Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction SQL Injection - CVE-2021-24731 - Vulnerability Database
WP Plugin Pie Register

WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction SQL Injection - CVE-2021-24731

Critical
Reference: CVE-2021-24731
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-24731
Title: WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction SQL Injection
Overview:

WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application access or modify data or exploit latent vulnerabilities in the underlying database. WordPress Plugin Registration Forms-User Registration Forms Invitation-Based Registrations Front-end User Profile Login Form Content Restriction version 3.7.1.5 is vulnerable prior versions may also be affected.