Description The LWS Hide Login plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 2.1.8. This is due to the fact that attackers can bypass the hidden login page by visiting install.php. This makes it possible for unauthenticated attackers to login to the site even when the login page has been hidden.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 2.1.9 |