The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.CreditsJuan Pablo Gomez PostigoWPScanReferenceshttps://wpscan.com/vulnerability/fd6d0362-df1d-4416-b8b5-6e5d0ce84793/
