Lucene search
China National Vulnerability DatabaseCNVD-2021-99775HistoryDec 09, 2021 - 12:00 a.m.
WordPress WPS Hide Login plugin authorization issue vulnerability
2021-12-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.041 Low
EPSS
Percentile
92.2%
WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. WordPress WPS Hide Login plugin has an authorization issue vulnerability in versions prior to 1.9.1, which stems from the lack of authentication measures or insufficient authentication strength in the plugin. An unauthenticated attacker requests wp-admin options.php to obtain a secret login page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| WordPress1 WPS Hide Login Plugin | lt | 1.9.1 |
Related
cve
cve
CVE-2021-24917
2021-12-06 16:15:08
cvelist
cvelist
nvd
nvd
CVE-2021-24917
2021-12-06 16:15:08
prion
prion
Design/Logic Flaw
2021-12-06 16:15:00
openvas
openvas
wpvulndb
wpvulndb
WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header
2021-10-27 00:00:00
wpexploit
wpexploit
WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header
2021-10-27 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Authorization in Wpserveur Wps Hide Login
2024-05-20 02:07:52
nuclei
nuclei
WordPress WPS Hide Login <1.9.1 - Information Disclosure
2022-08-31 19:45:11
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-12-17 22:53:06