cleantalk
Vulnerabilities and Security Researches

Secure Copy Content Protection and Content Locking, CVE-2024-6138

CVE, Research URL

CVE-2024-6138

Home page URL

Security reports for Secure Copy Content Protection and Content Locking

Application

Secure Copy Content Protection and Content Locking

Published on
Jul 11, 2024
Research Description
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Affected versions
Min -, max 4.0.9.
Status
vulnerable
Previous vulnerability researches
Secure Copy Content Protection and Content Locking (CVE-2025-30905) , Apr 04, 2025
Secure Copy Content Protection and Content Locking (CVE-2025-1404) , Mar 02, 2025
Secure Copy Content Protection and Content Locking (CVE-2025-32133) , Apr 06, 2025
Secure Copy Content Protection and Content Locking (CVE-2024-6138) , Jul 12, 2024
Secure Copy Content Protection and Content Locking (CVE-2024-6889) , Sep 06, 2024
New vulnerability
Sign-up Sheets (CVE-2025-26996) , Apr 17, 2025
Cart66 Cloud :: WordPress Ecommerce The Easy Way (CVE-2025-32653) , Apr 17, 2025
C9 Blocks (CVE-2025-26951) , Apr 17, 2025
Widget for Social Page Feeds (CVE-2024-13207) , Apr 17, 2025
WP User Profiles (CVE-2025-31524) , Apr 17, 2025