Sebastian's Blog

software developer. security enthusiast.

Day: 5 February 2021

WPS Hide Login 1.6.1 Protection Bypass (CVE-2021-3332)

The protective feature of WPS Hide Login can be bypassed by sending a crafted POST request containg the field post_password towards the default WordPress login url /wp-login.php. In file /classes/plugin.php on line 494 the plugin explicitly checks for the absence of this POST field but no else-case is defined.