cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forpassword-protect-page password-protect-page

Direction: descending
Aug 27, 2025

PPWP – Password Protect Pages # CVE-2025-5998

CVE, Research URL

CVE-2025-5998

Home page URL

Security reports for PPWP – Password Protect Pages

Application

PPWP – Password Protect Pages

Date
Aug 14, 2025
Research Description
The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 allows to put the site content behind a password authorization, however users with subscriber or greater roles can view content via the REST API.
Affected versions
Min -, max -.
Status
vulnerable
Dec 18, 2024

PPWP – Password Protect Pages # CVE-2024-11280

CVE, Research URL

CVE-2024-11280

Home page URL

Security reports for PPWP – Password Protect Pages

Application

PPWP – Password Protect Pages

Date
Dec 17, 2024
Research Description
The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.
Affected versions
Min -, max -.
Status
vulnerable
Jun 06, 2024

PPWP – Password Protect Pages # CVE-2024-0620

CVE, Research URL

CVE-2024-0620

Home page URL

Security reports for PPWP – Password Protect Pages

Application

PPWP – Password Protect Pages

Date
Feb 29, 2024
Research Description
The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.9 via API. This makes it possible for unauthenticated attackers to obtain post titles, IDs, slugs as well as other information including for password-protected posts.
Affected versions
Min -, max -.
Status
vulnerable

PPWP – Password Protect Pages # CVE-2022-4626

CVE, Research URL

CVE-2022-4626

Home page URL

Security reports for PPWP – Password Protect Pages

Application

PPWP – Password Protect Pages

Date
Feb 07, 2023
Research Description
The PPWP WordPress plugin before 1.8.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
Affected versions
Min -, max -.
Status
vulnerable