This is the Details (root cause?)
Secret Login Page Location Disclosure on Multisites vulnerability discovered by Naveen Muthusamy (Patchstack Alliance) in WordPress Plugin WPS Hide Login (versions <= 1.9.11)
I hope it is fixed soon! Although it is a Multisite vulnerability the “Bypass Vulnerability” seems to switch it off on single-sites!
