4 matches found
CVE-2023-3604
The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered...
CVE-2023-3604
creationtimestamp| type| source ---|---|--- 2023-08-21 20:41:16+00:00| seen| https://t.me/cibsecurity/68900...
CVE-2023-3604
CVE-2023-3604 affects the Change WP Admin Login WordPress plugin prior to version 1.1.4. The vulnerability arises from disclosing the URL of the hidden login page when a crafted URL is accessed, bypassing the plugin’s protection mechanism. Impact, as stated in multiple sources, is that an unauthe...
WordPress Change wp-admin login Plugin < 1.1.4 is vulnerable to Bypass Vulnerability
Software Change wp-admin login Type Plugin Vulnerable versions 1.1.4 Fixed in 1.1.4 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-3604 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID f402f5411a8e Credits Muhamad Arsyad...