6 matches found
CVE-2023-48335 WordPress Hide login page plugin <= 1.1.9 - Secret Login Page Location Disclosure on Multisites vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hide login page: from n/a through 1.1.9...
CVE-2023-48335 WordPress Hide login page plugin <= 1.1.9 - Secret Login Page Location Disclosure on Multisites vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hide login page: from n/a through 1.1.9...
WordPress Hide login page Plugin <= 1.1.9 is vulnerable to Bypass Vulnerability
Software Hide login page Type Plugin Vulnerable versions = 1.1.9 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2023-48335 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID b14b2f707de8 Credits Naveen Muthusamy Required privilege...
CVE-2023-5089
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled...
PT-2023-31704
Name of the Vulnerable Software and Affected Versions Defender Security WordPress plugin versions prior to 4.1.0 Description The issue allows an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled, due to the plugin not preventing...
PT-2023-11852 · WordPress · Wps Hide Login
Name of the Vulnerable Software and Affected Versions: WPS Hide Login plugin for WordPress versions up to, and including, 1.5.4.2 Description: The issue allows unauthenticated attackers to brute force credentials on sites, even when the plugin settings are set to hide the login page. This enables...