VYPR

Password Protected

by WordPress

Source repositories

CVEs (4)

  • CVE-2024-0656MedFeb 29, 2024
    risk 0.29cvss 4.4epss 0.00

    The Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Captcha Site Key in all versions up to, and including, 2.6.6 due to insufficient input sanitization…

  • CVE-2024-0437MedMay 15, 2024
    risk 0.28cvss 4.3epss 0.00

    The Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.6 via the API. This makes it possible for authenticated attackers, with…

  • CVE-2025-11244LowOct 25, 2025
    risk 0.24cvss 3.7epss 0.00

    The Password Protected plugin for WordPress is vulnerable to authorization bypass via IP address spoofing in all versions up to, and including, 2.7.11. This is due to the plugin trusting client-controlled HTTP headers (such as X-Forwarded-For, HTTP_CLIENT_IP, and similar…

  • CVE-2023-32580Jun 23, 2023
    risk 0.00cvss epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <= 2.6.2 versions.