Vulnerabilities > Wpserveur > WPS Hide Login > 1.6.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-06 | CVE-2021-24917 | Incorrect Authorization vulnerability in Wpserveur WPS Hide Login The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user. | 5.0 |
2021-03-01 | CVE-2021-3332 | Improper Authentication vulnerability in Wpserveur WPS Hide Login 1.6.1 WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. | 5.0 |