Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical0
High1
Medium2
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2025-03-17

CVE-2024-6289 - Wps Hide Login Plugin

The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.

PLUGIN Wps Hide Login

CVE-2024-6289

MEDIUM CVSS 6.1 2024-07-15
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2024-2473 - Wps Hide Login Plugin

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may have been hidden by the plugin.

PLUGIN Wps Hide Login

CVE-2024-2473

MEDIUM CVSS 5.3 2024-06-11
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-24917 - Wps Hide Login Plugin

The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user.

PLUGIN Wps Hide Login

CVE-2021-24917

HIGH CVSS 7.5 2021-12-06
Open Full Technical Breakdown
Scroll to top