Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
%20%E2%80%93%20Security%20%26%20Firewall&color=blue)
The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to discover the hidden login page location.
No PoCs from references.
- https://github.com/20142995/nuclei-templates
- https://github.com/cyb3r-w0lf/nuclei-template-collection