WordPress Pie Register Authentication Bypass Vulnerability
漏洞信息
漏洞名称: WordPress Pie Register Authentication Bypass Vulnerability
漏洞编号:
CVE: CVE-2025-34077
漏洞类型: 权限绕过
漏洞等级: 严重
漏洞描述: WordPress Pie Register插件是一款用于WordPress网站的用户注册和管理插件,广泛应用于需要用户注册功能的网站中。该插件提供了用户注册、登录、社交登录等功能,是许多网站用户管理的重要组成部分。该插件在3.7.1.4及之前的版本中存在一个认证绕过漏洞,允许未经授权的攻击者通过发送特制的POST请求来冒充任何用户。攻击者通过调整’social_site’参数和影响’user_id_social_site’,可以为任何用户(包括管理员)生成有效的会话cookie。一旦认证成功,攻击者可以利用插件的上传功能引入恶意的PHP代码,可能导致远程代码执行和服务器完整性受损。这一漏洞的根本原因在于插件对用户输入的处理不当,未能正确验证用户身份,从而允许攻击者绕过认证机制。此漏洞的利用无需认证,且可以被自动化工具利用,对网站的安全性构成了严重威胁。
info: name: WordPress Pie Register <=3.7.1.4- Authentication Bypass author: kylew1004 severity: critical description: | An authentication bypass vulnerability in the WordPress Pie Register plugin allows unauthorized attackers to impersonate any user by sending specially crafted POST requests. By adjusting the 'social_site' parameter and affecting 'user_id_social_site', intruders can generate valid session cookies for any user, including admins. Once authenticated, these attackers can exploit the plugin's upload functionality to introduce malicious PHP code, potentially leading to remote code execution and compromising server integrity. reference: - https://github.com/MrjHaxcore/CVE-2025-34077 - https://nvd.nist.gov/vuln/detail/CVE-2025-34077 - https://securityvulnerability.io/vulnerability/CVE-2025-34077 tags: wordpress,wp-plugin,auth-bypass,cve,cve2025
http: -method: POST path: -"{{BaseURL}}/"
headers: Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Nuclei PoC for CVE-2025-34077)