.. / CVE-2023-5089

Exploit for Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page) (CVE-2023-5089)

Description:

The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.

Nuclei Template

View the template here CVE-2023-5089.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-5089.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-5089
https://www.sprocketsecurity.com/resources/discovering-wp-admin-urls-in-wordpress-with-gravityforms
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5089
https://wpscan.com/vulnerability/2b547488-187b-44bc-a57d-f876a7d4c87d/