Description The plugin does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.
Example using GravityForms to redirect to the login page:
https://example.com/?gf_page=randomstring