NVD

Id
35730  
Name
CVE-2014-8802  
Description
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2015-01-23  
Modified Date
2015-01-26  
Seq
2014-8802  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
183014 35730 CVE-2014-8802 http://security.szurek.pl/pie-register-2013-privilege-escalation.html  View
183015 35730 CVE-2014-8802 https://wordpress.org/plugins/pie-register/changelog/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
18915 JVNDB-2014-007790 WordPress 用 Pie Register プラグインにおけるユーザを追加される脆弱性 WordPress 用 Pie Register プラグインには、(1) ユーザを追加される、および (2) ユーザアカウントをアクティベートされる脆弱性が存在します。 CVE-2014-8802 76095 CVE-2014-8802 35730 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007790.html 2014-12-12 2015-01-27 View