VYPR

Simple Page Access Restriction

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-5142MedMay 30, 2025
    risk 0.35cvss 6.5epss 0.00

    The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.31. This is due to missing nonce validation and capability checks in the settings save handler in the settings.php script. This makes it…

  • CVE-2025-58202MedAug 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access Restriction simple-page-access-restriction allows Cross Site Request Forgery.This issue affects Simple Page Access Restriction: from n/a through <= 1.0.32.

  • CVE-2024-11295MedDec 18, 2024
    risk 0.27cvss 5.3epss 0.00

    The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts…

  • CVE-2024-0965MedFeb 8, 2024
    risk 0.27cvss 5.3epss 0.00

    The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's page restriction and view page…