Vulnerabilities > HC Custom WP Admin URL Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-13 | CVE-2022-1594 | Cross-Site Request Forgery (CSRF) vulnerability in HC Custom Wp-Admin URL Project HC Custom Wp-Admin URL 1.4 The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL | 4.3 |
| 2022-06-13 | CVE-2022-1595 | Information Exposure vulnerability in HC Custom Wp-Admin URL Project HC Custom Wp-Admin URL 1.4 The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request | 5.3 |