WP Clinic
Log in Sign up

PLUGIN SECURITY

Is WPS Hide Login safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the WPS Hide Login WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: wps-hide-login
  • Requires PHP: 7.0+
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • WPS Hide Login [wps-hide-login] < 1.9.1 [CVE-2021-24917, WordPress WPS Hide Login plugin <= 1.9 - Protection Bypass with Referer-Header vulnerability, WPS Hide Login <= 1.9.0 - Hidden Login Page Location Disclosure, WPS Hide Login &lt; 1.9.1 - Protection Bypass with Referer-Header]
  • WPS Hide Login [wps-hide-login] < 1.1 [CVE-2015-9498, WPS Hide Login <= 1.0 - Cross-Site Request Forgery, WPS Hide Login 1.0 - CSRF]
  • WPS Hide Login [wps-hide-login] < 1.5.3 [CVE-2019-15823, WPS Hide Login <= 1.5.2.2 - Login Page Disclosure via 'action=confirmaction']
  • WPS Hide Login [wps-hide-login] < 1.5.3 [CVE-2019-15824, WPS Hide Login <= 1.5.2.2 - Login Page Disclosure via 'adminhash']
  • WPS Hide Login [wps-hide-login] < 1.5.3 [CVE-2019-15825, WPS Hide Login <= 1.5.2.2 - Login Page Disclosure via 'action=rp']
+ 11 more known vulnerabilities
  • WPS Hide Login [wps-hide-login] < 1.5.3 [CVE-2019-15826, WPS Hide Login <= 1.5.2.2 - Login Page Disclosure via Referer Header, WPS Hide Login &lt;= 1.5.2.2 - Multiples Issues]
  • WPS Hide Login [wps-hide-login] < 1.7 [CVE-2021-3332, WordPress WPS Hide Login plugin <= 1.6.1 - Login Page Protection Bypass vulnerability]
  • WPS Hide Login [wps-hide-login] < 1.5.5 [WordPress WPS Hide Login plugin <= 1.5.4.2 - Secret login page location disclosure vulnerability]
  • WPS Hide Login [wps-hide-login] < 1.5.3 [WordPress WPS Hide Login plugin <= 1.5.2.2 - Multiples Security Issues]
  • WPS Hide Login [wps-hide-login] < 1.1 [WordPress WPS Hide Login Plugin <= 1.0 - CSRF]
  • WPS Hide Login [wps-hide-login] < 1.5.5 [WPS Hide Login <= 1.5.4.2 - Hidden Login Page Location Disclosure]
  • WPS Hide Login [wps-hide-login] < 1.5.5 [WPS Hide Login &lt; 1.5.5 - Secret Login Page Disclosure]
  • WPS Hide Login [wps-hide-login] < 1.5.5 [CVE-2020-36710]
  • WPS Hide Login [wps-hide-login] < 1.9.12 [CVE-2023-49748, WordPress WPS Hide Login Plugin <= 1.9.11 is vulnerable to Bypass Vulnerability, WPS Hide Login <= 1.9.11 - Hidden Login Page Location Disclosure, WPS Hide Login &lt; 1.9.12 - Hidden Login Page Location Disclosure]
  • WPS Hide Login [wps-hide-login] < 1.9.16 [CVE-2024-2473, WPS Hide Login <= 1.9.15.2 - Login Page Disclosure, WordPress WPS Hide Login Plugin <= 1.9.15.2 is vulnerable to Bypass Vulnerability]
  • WPS Hide Login [wps-hide-login] < 1.9.16.4 [CVE-2024-6289, WordPress WPS Hide Login Plugin < 1.9.16.4 is vulnerable to Bypass Vulnerability, WPS Hide Login <= 1.9.16.3 - Login Page Disclosure]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.