Leaky Paywall
by WordPress
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33594 | Hig | 0.49 | 7.5 | 0.00 | Apr 29, 2024 | Missing Authorization vulnerability in Leaky Paywall.This issue affects Leaky Paywall: from n/a through 4.20.8. | ||
| CVE-2025-31083 | Med | 0.42 | 6.5 | 0.00 | Mar 28, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Stored XSS.This issue affects Leaky Paywall: from n/a through <= 4.21.7. | ||
| CVE-2021-39357 | Med | 0.36 | 5.5 | 0.01 | Oct 21, 2021 | The Leaky Paywall WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the ~/class.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including… | ||
| CVE-2025-66124 | Med | 0.34 | 5.3 | 0.00 | Dec 16, 2025 | Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leaky Paywall: from n/a through <= 4.22.6. | ||
| CVE-2024-37540 | Med | 0.28 | 4.3 | 0.00 | Jan 2, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Cross Site Request Forgery.This issue affects Leaky Paywall: from n/a through <= 4.21.2. |
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in Leaky Paywall.This issue affects Leaky Paywall: from n/a through 4.20.8.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Stored XSS.This issue affects Leaky Paywall: from n/a through <= 4.21.7.
- risk 0.36cvss 5.5epss 0.01
The Leaky Paywall WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the ~/class.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including…
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leaky Paywall: from n/a through <= 4.22.6.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Cross Site Request Forgery.This issue affects Leaky Paywall: from n/a through <= 4.21.2.