ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WPS Hide Login plugin <= 1.5.4.2 - Secret login page location disclosure vulnerability

Product
WPS Hide Login
Description
Secret login page location disclosure vulnerability found by Jerome Bruandet in WordPress WPS Hide Login plugin (versions <= 1.5.4.2).
Solution
Update the WordPress WPS Hide Login plugin to the latest available version (at least 1.5.5).
Classification
Type BYPASS
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.5.4.2
Fixed In 1.5.5
Disclosure date
2020-01-27
Credits
Jerome Bruandet (Nintechnet)
Submitter
ThreatPress