cleantalk
Vulnerabilities and Security Researches

Sharable Password Protected Posts, CVE-2025-5920

CVE, Research URL

CVE-2025-5920

Home page URL

Security reports for Sharable Password Protected Posts

Application

Sharable Password Protected Posts

Published on
Jul 04, 2025
Research Description
The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API.
Affected versions
Min -, max 1.1.1.
Status
vulnerable
Previous vulnerability researches
SiteGuard WP Plugin (CVE-2024-37881) , Jun 21, 2024
SiteGuard WP Plugin , Jun 28, 2025
New vulnerability
Pakke Envíos (CVE-2025-52819) , Jul 13, 2025
Gwolle Guestbook (CVE-2025-5807) , Jul 13, 2025
Tennis Court Bookings (CVE-2025-52787) , Jul 13, 2025
WPC Smart Compare for WooCommerce (CVE-2025-5530) , Jul 13, 2025
Simple Featured Image (CVE-2025-7059) , Jul 13, 2025