cleantalk
Vulnerabilities and Security Researches

Secure Copy Content Protection and Content Locking, CVE-2025-1404

CVE, Research URL

CVE-2025-1404

Home page URL

Security reports for Secure Copy Content Protection and Content Locking

Application

Secure Copy Content Protection and Content Locking

Published on
Mar 01, 2025
Research Description
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails.
Affected versions
Min -, max 4.4.8.
Status
vulnerable
Previous vulnerability researches
Secure Copy Content Protection and Content Locking (CVE-2025-30905) , Apr 04, 2025
Secure Copy Content Protection and Content Locking (CVE-2025-1404) , Mar 02, 2025
Secure Copy Content Protection and Content Locking (CVE-2025-32133) , Apr 06, 2025
Secure Copy Content Protection and Content Locking (CVE-2024-6138) , Jul 12, 2024
Secure Copy Content Protection and Content Locking (CVE-2024-6889) , Sep 06, 2024
New vulnerability
Sign-up Sheets (CVE-2025-26996) , Apr 17, 2025
Cart66 Cloud :: WordPress Ecommerce The Easy Way (CVE-2025-32653) , Apr 17, 2025
C9 Blocks (CVE-2025-26951) , Apr 17, 2025
Widget for Social Page Feeds (CVE-2024-13207) , Apr 17, 2025
WP User Profiles (CVE-2025-31524) , Apr 17, 2025