5 matches found
Exploit for CVE-2023-5089
Badges !MIT Licensehttps://img.shields.io/badge/Licens...
CVE-2023-5089
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled...
CVE-2023-5089 Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled...
CVE-2023-5089
The Defender Security WordPress plugin (pre-4.1.0) fails to block redirects to the login page via WordPress auth_redirect, allowing unauthenticated visitors to access the login page even when the plugin’s hide-login feature is enabled. Affected product/version: Defender Security
WordPress Defender Security Plugin < 4.1.0 is vulnerable to Bypass Vulnerability
Software Defender Security Type Plugin Vulnerable versions 4.1.0 Fixed in 4.1.0 OWASP Top 10 A1: Broken Access Control Classification Bypass Vulnerability CVE CVE-2023-5089 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID e45ed857552b Credits Juan Pablo Gomez Postigo Required...