Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

genetechproducts

Source -

CNA

BOS Name -

N/A

CNA CVEs -

6

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
6Vulnerabilities found
CVE-2026-3571
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 9.00%
||
7 Day CHG~0.00%
Published-04 Apr, 2026 | 01:24
Updated-24 Apr, 2026 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pie Register – User Registration, Profiles & Content Restriction <= 3.8.4.8 - Missing Authorization to Unauthenticated Registration Form Status Modification

The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pie_main() function in all versions up to, and including, 3.8.4.8. This makes it possible for unauthenticated attackers to change registration form status.

Action-Not Available
Vendor-genetechproducts
Product-Pie Register – User Registration, Profiles & Content Restriction
CWE ID-CWE-862
Missing Authorization
CVE-2025-12528
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.1||HIGH
EPSS-0.26% / 49.55%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 08:27
Updated-08 Apr, 2026 | 16:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pie Forms for WP <= 1.6 - Unauthenticated Arbitrary File Upload

The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the format_classic function. This is due to insufficient file type validation where the validate_classic method validates file extensions and sets error messages but does not prevent the file upload process from continuing. This makes it possible for unauthenticated attackers to upload files with dangerous extensions such as PHP, which makes remote code execution possible. In order to exploit this vulnerability, the attacker needs to guess the directory in which the file is placed (which is a somewhat predictable hash). In addition to that, the file name is generated using a secure hash method, limiting the exploitability of this vulnerability.

Action-Not Available
Vendor-genetechproducts
Product-Pie Forms — Drag & Drop Form Builder
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-13818
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-5.3||MEDIUM
EPSS-0.08% / 23.14%
||
7 Day CHG~0.00%
Published-21 Feb, 2025 | 03:21
Updated-08 Apr, 2026 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction <= 3.8.4 - Sensitive Information Exposure via Log Files

The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.4 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information about users contained in the exposed log files.

Action-Not Available
Vendor-genetechsolutionsgenetechproducts
Product-pie_registerPie Register – User Registration, Profiles & Content Restriction
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2024-11436
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-6.1||MEDIUM
EPSS-1.99% / 83.96%
||
7 Day CHG~0.00%
Published-07 Dec, 2024 | 01:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! <= 1.4.19 - Reflected Cross-Site Scripting

The Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.4.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

Action-Not Available
Vendor-genetechproducts
Product-Pie Forms — Drag & Drop Form Builder
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-6579
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 34.90%
||
7 Day CHG~0.00%
Published-16 Jul, 2024 | 09:32
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web and WooCommerce Addons for WPBakery Builder <= 1.4.5 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification

The Web and WooCommerce Addons for WPBakery Builder plugin for WordPress is vulnerable to unauthorized plugin settings modification due to a missing capability check on several plugin functions in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change some of the plugin settings.

Action-Not Available
Vendor-genetechproducts
Product-Web and WooCommerce Addons for WPBakery Builder
CWE ID-CWE-862
Missing Authorization
CVE-2024-6069
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-1.85% / 83.36%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 08:33
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pie Register - Basic <= 3.8.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation

The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the pieregister_install_addon function in all versions up to, and including, 3.8.3.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins. As a result attackers might achieve code execution on the targeted server

Action-Not Available
Vendor-genetechproductsgenetech_products
Product-Pie Register – User Registration, Profiles & Content Restrictionuser_registration_formscontent_registrationregistration_formsfront_end_user_profile_login_forminvitation_based_registrations
CWE ID-CWE-862
Missing Authorization