Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wpserveur wps hide login vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-9498
The wps-hide-login plugin prior to 1.1 for WordPress has CSRF that affects saving an option value.
Wpserveur Wps Hide Login
5
CVSSv2
CVE-2021-24917
The WPS Hide Login WordPress plugin prior to 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user.
Wpserveur Wps Hide Login
2 Github repositories
NA
CVE-2020-36710
The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it possible for unauthenticated malicious users to brute force credentials on sites in versions up to, and including, 1.5.4.2.
Wpserveur Wps Hide Login
7.5
CVSSv2
CVE-2019-15823
The wps-hide-login plugin prior to 1.5.3 for WordPress has an action=confirmaction protection bypass.
Wpserveur Wps Hide Login
7.5
CVSSv2
CVE-2019-15824
The wps-hide-login plugin prior to 1.5.3 for WordPress has an adminhash protection bypass.
Wpserveur Wps Hide Login
7.5
CVSSv2
CVE-2019-15825
The wps-hide-login plugin prior to 1.5.3 for WordPress has an action=rp&key&login protection bypass.
Wpserveur Wps Hide Login
7.5
CVSSv2
CVE-2019-15826
The wps-hide-login plugin prior to 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field.
Wpserveur Wps Hide Login
5
CVSSv2
CVE-2021-3332
WPS Hide Login 1.6.1 allows remote malicious users to bypass a protection mechanism via post_password.
Wpserveur Wps Hide Login 1.6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
Vulmon