Vulnerabilities > WP Experts > Protect WP Admin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-04 | CVE-2023-3139 | Open Redirect vulnerability in Wp-Experts Protect WP Admin The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a redirection of a crafted URL, bypassing the protection offered. | 6.1 |
| 2022-01-24 | CVE-2021-24906 | Missing Authorization vulnerability in Wp-Experts Protect WP Admin The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the protection offered) via a crafted request | 5.0 |