GHSA-7m4f-cfr6-pwp7MediumCVSS 5.3

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when...

Published
June 22, 2026
Last Modified
June 22, 2026

🔗 CVE IDs covered (1)

📋 Description

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox.

🔗 References (3)