Vulnerability Brief

CVE-2026-10530

  • Severity: MEDIUM
  • CVSS score: 5.3

Technical summary

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox.