cleantalk
Vulnerabilities and Security Researches

Passster – Password Protect Pages and Content, CVE-2021-24881

CVE, Research URL

CVE-2021-24881

Home page URL

Security reports for Passster – Password Protect Pages and Content

Application

Passster – Password Protect Pages and Content

Published on
Jan 23, 2023
Research Description
The Passster WordPress plugin before 3.5.5.9 does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts (such as private) content, by sending a specifically crafted request.
Affected versions
max 3.5.5.9.
Status
vulnerable
Previous vulnerability researches
Passster – Password Protect Pages and Content (CVE-2026-25036) , Feb 27, 2026
Passster – Password Protect Pages and Content (CVE-2025-14865) , Feb 27, 2026
Passster – Password Protect Pages and Content (bfdd54390f6c678c900a611cd5bef14a09d074cd) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2021-24881) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2024-2026) , Jun 07, 2024
New vulnerability
Serious Slider (CVE-2026-25399) , Feb 28, 2026
Omnipress (CVE-2026-25432) , Feb 28, 2026
MDirector Newsletter (CVE-2025-14852) , Feb 28, 2026
Alma – Pay in installments or later for WooCommerce (CVE-2026-24999) , Feb 28, 2026
Visual Website Collaboration, Feedback & Project Management – Atarim (CVE-2026-25019) , Feb 27, 2026