Jpgp

#18381of 53,622
14.7Total CVSS
Vulnerabilities · 2
Medium
1
High
1
PT-2024-37613
8.6
2024-07-23
WordPress · Hide My Wp Ghost · CVE-2024-6420
**Name of the Vulnerable Software and Affected Versions** Hide My WP Ghost WordPress plugin versions prior to 5.2.02 **Description** The issue allows an unauthenticated visitor to access the hidden login page due to the plugin not preventing redirects to the login page via the `auth redirect` WordPress function. **Recommendations** For versions prior to 5.2.02, update to version 5.2.02 or later to resolve the issue. As a temporary workaround, consider restricting access to the login page to minimize the risk of exploitation.
PT-2024-37516
6.1
2024-07-15
WordPress · Wps Hide Login · CVE-2024-6289
Name of the Vulnerable Software and Affected Versions: WPS Hide Login WordPress plugin versions prior to 1.9.16.4 Description: The issue allows an unauthenticated visitor to access the hidden login page due to the plugin not preventing redirects to the login page via the `auth redirect` WordPress function. Recommendations: For versions prior to 1.9.16.4, update to version 1.9.16.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the login page to minimize the risk of exploitation.