cleantalk
Vulnerabilities and Security Researches

Sharable Password Protected Posts, CVE-2025-5920

CVE, Research URL

CVE-2025-5920

Home page URL

Security reports for Sharable Password Protected Posts

Application

Sharable Password Protected Posts

Published on
Jul 04, 2025
Research Description
The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API.
Affected versions
Min -, max 1.1.1.
Status
vulnerable
Previous vulnerability researches
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2018-12636) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2012-4264) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2020-36176) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2012-4263) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2018-7433) , Jun 07, 2024
New vulnerability
Simple Featured Image (CVE-2025-7059) , Jul 13, 2025
WP Lightbox 2 (CVE-2025-3745) , Jul 13, 2025
Multi-language Responsive Contact Form (CVE-2025-29000) , Jul 13, 2025
RSFirewall! (CVE-2025-7518) , Jul 13, 2025
WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible (CVE-2025-3780) , Jul 12, 2025