Vulnerabilities and security researches forwp-edit-password-protected wp-edit-password-protected

Oct 11, 2025

CVE, Research URL: CVE-2025-9034
Home page URL: Security reports for Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form
Application: Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form
Date: Sep 11, 2025
Research Description: The Wp Edit Password Protected WordPress plugin before 1.3.5 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue
Affected versions: max 1.3.5.
Status: vulnerable

Jun 06, 2024

CVE, Research URL: 1e0884ac1bf0d8c5dc23bd874438b262b36ec45f
Home page URL: Security reports for Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form
Application: Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form
Date: Mar 21, 2023
Research Description: Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form [wp-edit-password-protected] < 1.2.4 WordPress Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF) Update the WordPress Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form plugin to the latest available version (at least 1.2.4). Lana Codes discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has been fixed in version 1.2.4.
Affected versions: max 1.2.4.
Status: vulnerable