Report
The Change WP Admin Login plugin for WordPress is vulnerable to Protection Mechanism Failure in versions up to, and including, 1.1.3 via the 'filter_wp_login_php' function. This can allow unauthenticated attackers to find the URL of the login page even after it has been hidden by the plugin's functionality.
Score:5.3
Severity:Medium
Version:< 1.1.4
There is a patch available in v1.1.4 and we strongly recommend you update to this version as soon as possible.
