Lucene search
WPScanCVELIST:CVE-2021-24917HistoryDec 06, 2021 - 3:55 p.m.
CVE-2021-24917 WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header
2021-12-0615:55:30
CWE-863
WPScan
www.cve.org
0.041 Low
EPSS
Percentile
92.2%
The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user.
CNA Affected
[
{
"product": "WPS Hide Login",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.9.1",
"status": "affected",
"version": "1.9.1",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2021-24917
2021-12-06 16:15:08
nvd
nvd
CVE-2021-24917
2021-12-06 16:15:08
prion
prion
Design/Logic Flaw
2021-12-06 16:15:00
openvas
openvas
wpvulndb
wpvulndb
WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header
2021-10-27 00:00:00
wpexploit
wpexploit
WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header
2021-10-27 00:00:00
cnvd
cnvd
WordPress WPS Hide Login plugin authorization issue vulnerability
2021-12-09 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Authorization in Wpserveur Wps Hide Login
2024-05-20 02:07:52
nuclei
nuclei
WordPress WPS Hide Login <1.9.1 - Information Disclosure
2022-08-31 19:45:11
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-12-17 22:53:06