Vulnerabilities and Security Researches

WPS Hide Login, CVE-2024-6289

CVE, Research URL: CVE-2024-6289
Home page URL: Security reports for WPS Hide Login
Application: WPS Hide Login
Published on: Jul 15, 2024
Research Description: The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.
Affected versions: max 1.9.16.4.
Status: vulnerable