[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"vulnerability-27465":17,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":45},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},{"id":18,"detectable_with":19,"vuln_details":26,"vuln_id":42,"name":43,"published":44,"updated":27},27465,{"tool":20,"engine":23},{"id":21,"name":22},1,"Network Scanner",{"id":24,"name":25},2,"Nuclei",{"id":18,"codename":27,"description":27,"severity":28,"risk_description":29,"public_description":30,"public_recommendation":31,"recommendation":27,"references":32,"cvssv3":27,"epss_score":36,"epss_percentile":37,"cve":38,"in_cisa_catalog":40,"date":41,"software_type":27,"vendor":27,"product":27,"ptt_exploit_capabilities":27},null,"critical","Unauthenticated attackers can impersonate any user including administrators by manipulating the user_id_social_site parameter, potentially leading to complete site takeover through malicious plugin uploads.","An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameter, an attacker can generate a valid WordPress session cookie for any user ID, including administrators.Once authenticated, the attacker may exploit plugin upload functionality to install a malicious plugin containing arbitrary PHP code, resulting in remote code execution on the underlying server.","Upgrade WordPress Pie Register plugin to version 3.7.2.0 or later that properly validates social login authentication.",[33,34,35],"https://github.com/MrjHaxcore/CVE-2025-34077","https://nvd.nist.gov/vuln/detail/CVE-2025-34077","https://securityvulnerability.io/vulnerability/CVE-2025-34077",0.72361,0.9875,[39],"CVE-2025-34077",false,"2025-07-09T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2025-34077","WordPress Pie Register \u003C= 3.7.1.4 - Authentication Bypass","2025-07-28T00:00:00Z",["Island",46],{"key":47,"params":48,"result":50},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":49},"{\"text-color\":\"gray\"}",{"head":51},{}]