Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Pie Register Plugin Allows Unauthenticated Access to Registration Settings
CVE-2026-3571
Summary
An unpatched plugin for WordPress allows anyone to change registration settings without permission. This means that anyone can modify how users register, even if they don't have permission to do so. Update the plugin to the latest version (3.8.4.8 or higher) to fix this issue.
Original title
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pie_main() func...
Original description
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pie_main() function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attackers to change registration form status.
nvd CVSS3.1
6.5
Vulnerability type
CWE-862
Missing Authorization
Published: 4 Apr 2026 · Updated: 4 Apr 2026 · First seen: 4 Apr 2026