CVE-2026-10530 | The Pie Register WordPress plugin before 3.8.4.10 does not …

Description

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox.

Metadata

CVE ID: CVE-2026-10530
State: PUBLISHED
Assigner: WPScan
Reserved: 2026-06-01 11:10 UTC
Published: 2026-06-22 06:00 UTC
Last updated: 2026-06-22 06:00 UTC
Vendor / Product: Unknown / Pie Register
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (1)

Vendor	Product	Platform	Versions
Unknown	Pie Register	—	0 < 3.8.4.10

Weakness (CWE)

CWE	Source	Description
—	cna	CWE-326 Inadequate Encryption Strength

References (1)

https://wpscan.com/vulnerability/bd3fe1d2-9f21-4b51-9112-2971a25a7e62/