cvelist | WPScan | CVELIST:CVE-2023-5089
Oct 16, 2023 - 7:39 p.m.

CVE-2023-5089 Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

2023-10-16 19:39:25
WPScan
www.cve.org
cve-2023-5089
wordpress
protection bypass
authentication
redirects
login page
unauthenticated access
plugin

EPSS: 0.002 (Low), percentile 61.5%

The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Defender Security",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "4.1.0"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]
