CVE-2019-15826 — CVSS 9.8 (critical): The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field.
CVE-2015-9498 — CVSS 8.8 (high): The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value.
CVE-2021-24917 — CVSS 7.5 (high): The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and…
CVE-2024-6289 — CVSS 6.1 (medium): The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function…
CVE-2024-2473 — CVSS 5.3 (medium): The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due…
CVE-2020-36710 — CVSS 5.3 (medium): The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the…