Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Nuclei
Nucleiadded 9 hours ago30 views

WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure

The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request id: CVE-2022-1595 info: name: WordPress HC Custom WP-Admin URL =1.5 to mitigate the vulnerability. reference: -...

5.3CVSS5.9AI score0.3108EPSS
Exploits2References3
NVD
NVDadded 2022/06/13 1:15 p.m.14 views

CVE-2022-1594

The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL...

4.3CVSS0.00103EPSS
Exploits2References1
NVD
NVDadded 2022/06/13 1:15 p.m.15 views

CVE-2022-1595

The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request...

5.3CVSS0.3108EPSS
Exploits2References1
CVE
CVEadded 2022/06/13 12:42 p.m.172 views

CVE-2022-1595

CVE-2022-1595 affects the WordPress HC Custom WP-Admin URL plugin up to version 1.4. The issue is unauthenticated information disclosure: a crafted request leaks the secret admin login URL, enabling potential brute‑force targeting of the admin panel. Affected: HC Custom WP-Admin URL WordPress plu...

5.3CVSS5.2AI score0.3108EPSS
Exploits2References1Affected Software1
CVE
CVEadded 2022/06/13 12:42 p.m.74 views

CVE-2022-1594

CVE-2022-1594 concerns the WordPress plugin HC Custom WP-Admin URL (versions ≤ 1.4). The vulnerability is a lack of CSRF protection when updating settings, enabling a logged-in administrator to be coerced into changing the login URL via a CSRF attack. Impact aligns with Arbitrary Settings Update ...

4.3CVSS4.4AI score0.00103EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologiesadded 2022/06/13 12:0 a.m.1 views

PT-2022-13992 · WordPress · Hc Custom Wp-Admin Url

Name of the Vulnerable Software and Affected Versions: HC Custom WP-Admin URL WordPress plugin versions 1.4 and earlier Description: The issue allows the secret login URL to be leaked when a specific crafted request is sent. Recommendations: For HC Custom WP-Admin URL WordPress plugin versions 1....

5.3CVSS5.1AI score0.3108EPSS
Exploits2References5
wpexploit
wpexploitadded 2022/05/18 12:0 a.m.113 views

HC Custom WP-Admin URL <= 1.4 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL document.getElementById"test".submit;...

4.3CVSS1.6AI score0.00103EPSS
Exploits2
Patchstack
Patchstackadded 2022/05/18 12:0 a.m.56 views

WordPress HC Custom WP-Admin URL plugin <= 1.4 - Unauthenticated Secret URL Disclosure vulnerability

Unauthenticated Secret URL Disclosure vulnerability discovered by Daniel Ruf in WordPress HC Custom WP-Admin URL plugin versions = 1.4. Solution Deactivate and delete. This plugin has been closed as of May 5, 2022 and is not available for download. This closure is temporary, pending a full review...

5.3CVSS1.7AI score0.3108EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder