WordPress Plugin Vulnerabilities
Change WP Admin < 1.1.4 - Secret Login Page Disclosure
Description
The plugin discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered.
Proof of Concept
- Set a custom Login URL under "Settings > Permalinks". For example, `login`
- As an unauthenticated visitor, open https://example.com/wp-admin/customize.php in a different browser
- It will redirect to the login page: https://example.com/login/?redirect_to=https%3A%2F%2Fexample.com%2Fwp-admin%2Fcustomize.php&reauth=1
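A site owner can confirm whether their own installation shows this behaviour by inspecting the response to a cookie-less request for the admin URL. The check below is an added example, not code from the advisory or the plugin; the function name `disclosed_login_path` and every sample response except the one taken from the proof of concept are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Stock WordPress login endpoint; a redirect there reveals nothing hidden.
DEFAULT_LOGIN_PATHS = {"/wp-login.php"}
REDIRECT_CODES = (301, 302, 303, 307, 308)


def disclosed_login_path(requested_url, status, location):
    """Return the login path leaked by an auth redirect, or None.

    requested_url: the wp-admin URL fetched without any cookies
    status, location: status code and Location header of the response
    """
    if status not in REDIRECT_CODES or not location:
        return None
    req, loc = urlsplit(requested_url), urlsplit(location)
    # A relative Location inherits the requested host.
    host = loc.netloc or req.netloc
    if host.lower() != req.netloc.lower():
        return None
    query = parse_qs(loc.query)  # parse_qs also percent-decodes the values
    # The auth redirect carries the original target in redirect_to and,
    # as in the proof of concept, a reauth flag.
    points_back = any(urlsplit(v).path == req.path
                      for v in query.get("redirect_to", []))
    if not (points_back or "reauth" in query):
        return None
    path = loc.path or "/"
    return None if path in DEFAULT_LOGIN_PATHS else path


ADMIN_URL = "https://example.com/wp-admin/customize.php"
# (status, Location) pairs. The first is the redirect from the proof of
# concept; the others are constructed samples.
SAMPLES = [
    (302, "https://example.com/login/?redirect_to=https%3A%2F%2Fexample.com"
          "%2Fwp-admin%2Fcustomize.php&reauth=1"),
    (302, "https://example.com/wp-login.php?redirect_to=https%3A%2F%2F"
          "example.com%2Fwp-admin%2Fcustomize.php&reauth=1"),
    (302, "https://example.com/"),
    (404, None),
]

if __name__ == "__main__":
    for status, location in SAMPLES:
        leak = disclosed_login_path(ADMIN_URL, status, location)
        print(status, location, "->", leak or "no hidden login path disclosed")
```
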
Affects Plugins
References
CVE
Miscellaneous
Original Researcher
Muhamad Arsyad
Submitter
Muhamad Arsyad
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-07-27
Added
2023-07-27
Last Updated
2023-07-27