cleantalk
Vulnerabilities and Security Researches

Sharable Password Protected Posts, CVE-2025-5920

CVE, Research URL

CVE-2025-5920

Home page URL

Security reports for Sharable Password Protected Posts

Application

Sharable Password Protected Posts

Published on
Jul 04, 2025
Research Description
The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API.
Affected versions
Min -, max 1.1.1.
Status
vulnerable
Previous vulnerability researches
Header Footer Code Manager , May 20, 2025
Header Footer Code Manager (CVE-2023-39989) , Jun 07, 2024
Header Footer Code Manager (CVE-2022-0710) , Jun 07, 2024
Header Footer Code Manager (CVE-2021-24791) , Jun 07, 2024
Header Footer Code Manager (CVE-2022-0899) , Jun 07, 2024
New vulnerability
WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible (CVE-2025-3780) , Jul 12, 2025
Lana Downloads Manager (CVE-2025-7387) , Jul 12, 2025
Internal Linking of Related Contents (CVE-2025-49884) , Jul 12, 2025
Sharable Password Protected Posts (CVE-2025-5920) , Jul 12, 2025
Friends (CVE-2025-7504) , Jul 12, 2025