CVE-2026-10530

MEDIUM 5.3

Pie Register < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token

CVSS Score

5.3

EPSS Score

0.0%

EPSS Percentile

0th

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox.

Vendor	unknown
Product	pie register
Published	Jun 22, 2026
Last Updated	Jun 22, 2026

Stay Ahead of the Next One

Get instant alerts for unknown pie register

Be the first to know when new medium vulnerabilities affecting unknown pie register are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Pie Register

0 < 3.8.4.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/bd3fe1d2-9f21-4b51-9112-2971a25a7e62/

Credits

Haitam Lazaar WPScan