cleantalk
Vulnerabilities and Security Researches

Simple Page Access Restriction, CVE-2024-11295

CVE, Research URL

CVE-2024-11295

Home page URL

Security reports for Simple Page Access Restriction

Application

Simple Page Access Restriction

Published on
Dec 18, 2024
Research Description
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as logged-in users.
Affected versions
max 1.0.30.
Status
vulnerable
Previous vulnerability researches
Simple Page Access Restriction (CVE-2025-5142) , Jun 14, 2025
Simple Page Access Restriction (CVE-2024-11295) , Dec 19, 2024
Simple Page Access Restriction (CVE-2024-0965) , Jun 06, 2024
Simple Page Access Restriction (CVE-2025-58202) , Aug 30, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025