CVE-2019-15825

Name of the Vulnerable Software and Affected Versions wps-hide-login plugin versions prior to 1.5.3

Description The issue allows for protection bypass due to insufficient validation of the action and key parameters in the login process, specifically when action=rp is used. This could potentially allow unauthorized access to the system.

Recommendations For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue.