Really Simple Security logo

Log out
Get PRO

Latest

Weak configuration vulnerability in Change WP Admin Login 1.1.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 27, 2023

The Change WP Admin Login plugin for WordPress, found in versions up to and including 1.1.3, has a security flaw. This flaw, called Protection Mechanism Failure, allows unauthenticated attackers to discover the URL of the login page, even if the plugin has been used to hide this information.

Detected in:

AIO Login — WordPress Login Security Plugin to Protect and Customize WP Admin fixed vulnerable versions:
All In One Login — WordPress Login Security Plugin to Protect and Customize WP Admin fixed vulnerable versions:
All In One Login — WP Admin Login Page Security and Customization with Google reCAPTCHA, Social Login, Limit Login Attempt, 2FA, and more. fixed vulnerable versions:
Change WP Admin Login fixed vulnerable versions: >= * <= 1.1.3

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.