cleantalk
Vulnerabilities and Security Researches

Passster – Password Protect Pages and Content, CVE-2021-24837

CVE, Research URL

CVE-2021-24837

Home page URL

Security reports for Passster – Password Protect Pages and Content

Application

Passster – Password Protect Pages and Content

Published on
Jan 23, 2023
Research Description
The Passster WordPress plugin before 3.5.5.8 does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
Affected versions
max 3.5.5.9.
Status
vulnerable
Previous vulnerability researches
Passster – Password Protect Pages and Content (CVE-2026-25036) , Feb 27, 2026
Passster – Password Protect Pages and Content (CVE-2025-14865) , Feb 27, 2026
Passster – Password Protect Pages and Content (bfdd54390f6c678c900a611cd5bef14a09d074cd) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2021-24881) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2024-2026) , Jun 07, 2024
New vulnerability
Serious Slider (CVE-2026-25399) , Feb 28, 2026
Omnipress (CVE-2026-25432) , Feb 28, 2026
MDirector Newsletter (CVE-2025-14852) , Feb 28, 2026
Alma – Pay in installments or later for WooCommerce (CVE-2026-24999) , Feb 28, 2026
Visual Website Collaboration, Feedback & Project Management – Atarim (CVE-2026-25019) , Feb 27, 2026