Correct : by-move security issue allowing for an unauthenticated person to have login webpage by environment a random referer string via curl ask for. This circumstance can come from plugins modifying your .htaccess documents to add or adjust rules, or from an previous WordPress MU configuration not up-to-date because Multisite https://wyweswy1.blogspot.com/2025/05/wps.html
