CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-28 19:41:33 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
8e2ebbf9bd04edab52d0cbcbc6c2f6e2cfdaa67d
CVEs-PoC/2024/CVE-2024-2473.md
T
0xMarcio 3e58935392 Update CVE sources 2024-08-10 19:04
2024-08-10 19:04:30 +00:00

850 B
Raw Blame History

CVE-2024-2473

Description

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may have been hidden by the plugin.

POC

Reference

No PoCs from references.

Github

Reference in New Issue View Git Blame Copy Permalink