Wpserveur Wps_hide_login

10 CVEs affecting Wpserveur Wps_hide_login. Latest disclosed: 2024-07-15. Critical: 4, High: 2.

Top CVEs affecting Wpserveur Wps_hide_login
CVESeverityScorePublishedSummary
CVE-2019-15826Critical9.82019-08-30The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field.
CVE-2019-15825Critical9.82019-08-30The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass.
CVE-2019-15824Critical9.82019-08-30The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass.
CVE-2019-15823Critical9.82019-08-30The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass.
CVE-2015-9498High8.82019-10-22The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value.
CVE-2021-24917High7.52021-12-06The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to…
CVE-2024-6289Medium6.12024-07-15The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthen…
CVE-2024-2473Medium5.32024-06-11The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is…
CVE-2020-36710Medium5.32023-06-07The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it po…
CVE-2021-3332Medium5.32021-03-01WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password.