WordPress Administration Panel Login Form Detected

Low Web Application Scanning Plugin ID 98207

Synopsis

WordPress Administration Panel Login Form Detected

Description

WordPress Administration Panel has been detected on the target web application.

This may present an attacker with an exploit vector which could be leveraged using other techniques, such as a
Brute-Force or Dictionary Attack, allowing an attacker to gain access to administrative functionality.

Solution

Restrict access to administrative functionality using a .htaccess file, limiting access to known IP Addresses.

See Also

https://codex.wordpress.org/htaccess

Plugin Details

Severity: Low

ID: 98207

Type: remote

Published: 2018/02/05

Updated: 2019/01/03

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS v3.0

Base Score: 3.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Reference Information

CWE: 16

WASC: Application Misconfiguration

OWASP: 2017-A6, 2013-A5, 2010-A6