Known Vulnerabilities
CVE-2024-6289
The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.
MEDIUM
CVSS 6.1
Published Jul 15, 2024
CVE-2023-49748
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPServeur, NicolasKulka, wpformation WPS Hide Login allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPS Hide Login: from n/a through 1.9.11.
LOW
CVSS 3.7
Published Jun 04, 2024