cleantalk
Vulnerabilities and Security Researches

All-In-One Security (AIOS) – Security and Firewall, 209def1128b75ad6cd7c7ca2ef9e8d3e077c3e42

CVE, Research URL

209def1128b75ad6cd7c7ca2ef9e8d3e077c3e42

Home page URL

Security reports for All-In-One Security (AIOS) – Security and Firewall

Application

All-In-One Security (AIOS) – Security and Firewall

Published on
Oct 25, 2023
Research Description
All-In-One Security (AIOS) – Security and Firewall [all-in-one-wp-security-and-firewall] < 5.2.5 All In One WP Security <= 5.2.4 - Protection Bypass of Renamed Login Page via URL Encoding The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to protection bypass on the login page in all versions up to and including 5.2.4. This makes it possible for unauthenticated attackers to visit the login page in cases where it has been renamed by using URL Encoding to visit wp-login.php.
Affected versions
max 5.2.5.
Status
vulnerable
Previous vulnerability researches
My auctions allegro (CVE-2025-27009) , Apr 16, 2025
My auctions allegro (CVE-2024-11707) , Dec 06, 2024
My auctions allegro (CVE-2025-68567) , Jan 10, 2026
My auctions allegro (CVE-2025-68566) , Jan 10, 2026
My auctions allegro (CVE-2025-12851) , Dec 10, 2025
New vulnerability
Visitor Traffic Real Time Statistics (d55d0500d8a2618b43e8fa9d45f7c31c4efa802b) , Jun 16, 2026
Visitor Traffic Real Time Statistics (3961132f-ecc1-4f41-83f1-3ac537143b38) , Jun 16, 2026
Visitor Traffic Real Time Statistics (e8d4a97633d55dd8c46a212365ad808cf7c30224) , Jun 16, 2026
Ultimate Maps by Supsystic (3958f2eb5c5ad29221566e4e9b152ab95b01c255) , Jun 16, 2026
Ultimate Maps by Supsystic (0b83038e-92d2-4bdd-a597-a5d8eff50edb) , Jun 16, 2026