Skip to main content

Wps Hide Login

9 CVEs product

Monthly

CVE-2024-6289 MEDIUM POC This Month

The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Open Redirect Wps Hide Login
NVD WPScan
CVSS 3.1
6.1
EPSS
0.9%
CVE-2024-2473 MEDIUM POC PATCH THREAT This Month

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.8%.

WordPress Authentication Bypass Wps Hide Login
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
11.8%
CVE-2020-36710 MEDIUM POC This Month

The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it possible for unauthenticated attackers to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-24917 HIGH POC THREAT This Week

The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress PHP Authentication Bypass Wps Hide Login
NVD WPScan
CVSS 3.1
7.5
EPSS
71.5%
CVE-2021-3332 MEDIUM POC This Month

WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wps Hide Login
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2019-15826 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-15825 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-15824 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-15823 CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
CVSS 3.0
9.8
EPSS
8.6%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Open Redirect Wps Hide Login
NVD WPScan
EPSS 12% CVSS 5.3
MEDIUM POC PATCH THREAT This Month

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.8%.

WordPress Authentication Bypass Wps Hide Login
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it possible for unauthenticated attackers to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
EPSS 72% CVSS 7.5
HIGH POC THREAT This Week

The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress PHP Authentication Bypass +1
NVD WPScan
EPSS 2% CVSS 5.3
MEDIUM POC This Month

WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wps Hide Login
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP WordPress +1
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD
EPSS 9% CVSS 9.8
CRITICAL POC Act Now

The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wps Hide Login
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy