CVE-2022-3489
WP Hide WordPress plugin (versions 0.0.0–0.0.2) is affected by an unauthenticated settings update vulnerability in the custom_wpadmin_slug feature. The root cause is missing authorization and CSRF checks on the update endpoint (Settings update for the slug), enabling unauthenticated attackers to ...