Wpserveur

wpserveur

11 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Wps Child Theme Generator

wps_child_theme_generator

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-6289 1Wpserveur 1Wps Hide Login Mar 17, 2025 Jul 15, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.
CVE-2024-2473 1Wpserveur 1Wps Hide Login Apr 8, 2026 Jun 11, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. Thi...Show more The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may have been hidden by the plugin.Show less
CVE-2020-36710 1Wpserveur 1Wps Hide Login Apr 8, 2026 Jun 7, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it possible for unauthenticated attackers to brute force credentia...Show more The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it possible for unauthenticated attackers to brute force credentials on sites in versions up to, and including, 1.5.4.2.Show less
CVE-2021-24917 1Wpserveur 1Wps Hide Login Nov 21, 2024 Dec 6, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user.
CVE-2021-3332 1Wpserveur 1Wps Hide Login Nov 21, 2024 Mar 1, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password.
CVE-2015-9498 1Wpserveur 1Wps Hide Login Nov 21, 2024 Oct 22, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value.
CVE-2019-15826 1Wpserveur 1Wps Hide Login Nov 21, 2024 Aug 30, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field.
CVE-2019-15825 1Wpserveur 1Wps Hide Login Nov 21, 2024 Aug 30, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass.
CVE-2019-15824 1Wpserveur 1Wps Hide Login Nov 21, 2024 Aug 30, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass.
CVE-2019-15823 1Wpserveur 1Wps Hide Login Nov 21, 2024 Aug 30, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass.
CVE-2019-15822 1Wpserveur 1Wps Child Theme Generator Nov 21, 2024 Aug 30, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal.