News Articles

Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

Sprocket's own Juan Pablo Gomez Postigo discovers a major vulnerability affecting Wordpress.

From the Article

"The plugin does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled."

See the Vulnerability on WP Scan

Media Contact

Marketing, Sprocket Security

Continuous Human & Automated Security

The Expert-Driven Offensive
Security Platform

Continuously monitor your attack surface with advanced change detection. Upon change, testers and systems perform security testing. You are alerted and assisted in remediation efforts all contained in a single security application, the Sprocket Platform.

Watch Demo Request Quote

Expert-Driven Offensive Security Platform

  • Attack Surface Management
  • Continuous Penetration Testing
  • Adversary Simulations