CVE-2013-4954

Genetech Solutions Pie-Register <1.31 - XSS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4954. PoCs published by gravitylover.

AI-analyzed exploit summary The provided code snippet is a minimal example demonstrating XSS vulnerabilities in Pie Register plugin for WordPress by echoing POST parameters without sanitization. It lacks a full exploit payload or context for execution.

Description

Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin before 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pass1 or (2) pass2 parameter in a register action. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb STUB VERIFIED
by gravitylover · textwebappsphp
https://www.exploit-db.com/exploits/38643

The provided code snippet is a minimal example demonstrating XSS vulnerabilities in Pie Register plugin for WordPress by echoing POST parameters without sanitization. It lacks a full exploit payload or context for execution.

Classification
Stub 80%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: Pie Register plugin for WordPress 1.30
No auth needed
Prerequisites: A vulnerable version of the Pie Register plugin · User interaction to submit malicious input
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/54123
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/95160
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/61140
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/85604

Scores

EPSS 0.0615
EPSS Percentile 92.6%

Details

CWE
CWE-79
Status published
Products (20)
genetechsolutions/pie-register 1.0.1
genetechsolutions/pie-register 1.1.1
genetechsolutions/pie-register 1.1.2
genetechsolutions/pie-register 1.1.3
genetechsolutions/pie-register 1.1.5
genetechsolutions/pie-register 1.1.6
genetechsolutions/pie-register 1.1.7
genetechsolutions/pie-register 1.1.8
genetechsolutions/pie-register 1.1.9 (2 CPE variants)
genetechsolutions/pie-register 1.2.0
... and 10 more
Published Jul 29, 2013
Tracked Since Feb 18, 2026