Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbJuan Pablo Gomez PostigoWPVDB-ID:2B547488-187B-44BC-A57D-F876A7D4C87D
HistorySep 20, 2023 - 12:00 a.m.

Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

2023-09-2000:00:00
Juan Pablo Gomez Postigo
wpscan.com
2
wordpress
protection bypass
gravityforms

0.002 Low

EPSS

Percentile

61.5%

JSON

Description The plugin does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.

PoC

Example using GravityForms to redirect to the login page: https://example.com/?gf_page=randomstring

CPENameOperatorVersion
eq4.1.0

Related

prion 1
nuclei 1
nvd 1
githubexploit 1
cve 1
cvelist 1
wpexploit 1
prion
prion
Design/Logic Flaw
2023-10-16 20:15:00
nuclei
nuclei
Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
2024-03-01 17:18:56
nvd
nvd
CVE-2023-5089
2023-10-16 20:15:17
githubexploit
githubexploit
Exploit for CVE-2023-5089
2024-05-24 07:14:55
cve
cve
CVE-2023-5089
2023-10-16 20:15:17
cvelist
cvelist
CVE-2023-5089 Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
2023-10-16 19:39:25
wpexploit
wpexploit
Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
2023-09-20 00:00:00

0.002 Low

EPSS

Percentile

61.5%

JSON
Related for WPVDB-ID:2B547488-187B-44BC-A57D-F876A7D4C87D
prion1nuclei1nvd1githubexploit1cve1cvelist1wpexploit1