The Pie Register plugin prior to 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote malicious users to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
genetechsolutions pie register |