Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitJuan Pablo Gomez PostigoWPEX-ID:2B547488-187B-44BC-A57D-F876A7D4C87D
HistorySep 20, 2023 - 12:00 a.m.

Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

2023-09-2000:00:00
Juan Pablo Gomez Postigo
55
defender security
protection bypass
hidden login page
gravityforms
exploit

0.002 Low

EPSS

Percentile

61.5%

JSON

Description The plugin does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.

Example using GravityForms to redirect to the login page:

https://example.com/?gf_page=randomstring

Related

prion 1
nuclei 1
cve 1
cvelist 1
nvd 1
githubexploit 1
wpvulndb 1
prion
prion
Design/Logic Flaw
2023-10-16 20:15:00
nuclei
nuclei
Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
2024-03-01 17:18:56
cve
cve
CVE-2023-5089
2023-10-16 20:15:17
cvelist
cvelist
CVE-2023-5089 Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
2023-10-16 19:39:25
nvd
nvd
CVE-2023-5089
2023-10-16 20:15:17
githubexploit
githubexploit
Exploit for CVE-2023-5089
2024-05-24 07:14:55
wpvulndb
wpvulndb
Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
2023-09-20 00:00:00

0.002 Low

EPSS

Percentile

61.5%

JSON
Related for WPEX-ID:2B547488-187B-44BC-A57D-F876A7D4C87D
prion1nuclei1cve1cvelist1nvd1githubexploit1wpvulndb1