CNNVD-202507-1245 Information
CNNVD ID
CNNVD-202507-1245
Related CVE
- CNNVD Published: 2025-07-09
Description (Chinese)
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Pie Register 3.7.1.4版本存在安全漏洞,该漏洞源于身份验证绕过,可能导致远程代码执行。
Description (English)
WordPress and WordPressplugin are products of WordPress. WordPress is a blog platform developed in the PHP language. The platform supports the installation of personal blogs on PHP and MySQL servers. WordPress plugin is an application plugin. There is a security loophole in version 3.7.1.4 of WordPress pugin Pie Register, which stems from a circumvention of identification, which may lead to remote code execution.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Workif
Published
2025-07-09
Last Modified
2026-02-24
References
https://github.com/GTSolutions/Pie-Register https://www.exploit-db.com/exploits/50395 https://wordpress.org/plugins/pie-register/ https://pieregister.com/ https://vulncheck.com/advisories/wordpress-pie-register-plugin-rce https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_pie_register_bypass_rce.rb https://www.exploit-db.com/exploits/52370
Patch
https://wordpress.org/plugins/pie-register/
Share on: