VYPR
Unrated severityNVD Advisory· Published Nov 7, 2022· Updated May 1, 2025

WP Hide <= 0.0.2 - Unauthenticated Settings Update

CVE-2022-3489

Description

The WP Hide WordPress plugin through 0.0.2 does not have authorisation and CSRF checks in place when updating the custom_wpadmin_slug settings, allowing unauthenticated attackers to update it with a crafted request

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.