Juliobox

**Name of the Vulnerable Software and Affected Versions** wps-hide-login plugin versions prior to 1.1 **Description** The issue affects the saving of an option value and is related to CSRF. **Recommendations** For versions prior to 1.1, update to version 1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** wps-hide-login plugin versions prior to 1.5.3 **Description** The issue concerns a protection bypass in the wps-hide-login plugin for WordPress. **Recommendations** For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** wps-hide-login plugin versions prior to 1.5.3 **Description** The issue allows for protection bypass due to insufficient validation of the `action` and `key` parameters in the login process, specifically when `action=rp` is used. This could potentially allow unauthorized access to the system. **Recommendations** For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** wps-hide-login plugin versions prior to 1.5.3 **Description** The issue allows for protection bypass via the "wp-login.php" page, specifically through manipulation of the Referer field. **Recommendations** For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue.