CVE-2024-6289
- Reference to the description:
- Description:
- The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.
- Last updated date:
- 07/16/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/16/2024
- Reference url to background
https://wpscan.com/vulnerability/fd6d0362-df1d-4416-b8b5-6e5d0ce84793/