Wpserveur Wps_hide_login
10 CVEs affecting Wpserveur Wps_hide_login. Latest disclosed: 2024-07-15. Critical: 4, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-15826 | Critical | 9.8 | 2019-08-30 | The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field. |
CVE-2019-15825 | Critical | 9.8 | 2019-08-30 | The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass. |
CVE-2019-15824 | Critical | 9.8 | 2019-08-30 | The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass. |
CVE-2019-15823 | Critical | 9.8 | 2019-08-30 | The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass. |
CVE-2015-9498 | High | 8.8 | 2019-10-22 | The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value. |
CVE-2021-24917 | High | 7.5 | 2021-12-06 | The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to… |
CVE-2024-6289 | Medium | 6.1 | 2024-07-15 | The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthen… |
CVE-2024-2473 | Medium | 5.3 | 2024-06-11 | The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is… |
CVE-2020-36710 | Medium | 5.3 | 2023-06-07 | The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it po… |
CVE-2021-3332 | Medium | 5.3 | 2021-03-01 | WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. |