CVE-2023-0552

MEDIUM EXPLOITED NUCLEI

Pie Register < 3.8.2.3 - Open Redirect via Login/Logout Redirection

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2023-0552 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability

Nuclei Templates (1)

WordPress Pie Register <3.8.2.3 - Open Redirect
MEDIUMVERIFIEDby r3Y3r53

References (1)

Core 1
Core References
Exploit, Third Party Advisory exploit vdb-entry technical-description
https://wpscan.com/vulnerability/832c6155-a413-4641-849c-b98ba55e8551

Scores

CVSS v3 5.4
EPSS 0.2426
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

VulnCheck KEV 2023-11-27
Status published
Products (1)
genetechsolutions/pie_register < 3.8.2.3
Published Feb 27, 2023
Tracked Since Feb 18, 2026