Simple Page Access Restriction
by WordPress
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-5142 | Med | 0.35 | 6.5 | 0.00 | May 30, 2025 | The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.31. This is due to missing nonce validation and capability checks in the settings save handler in the settings.php script. This makes it… | ||
| CVE-2025-58202 | Med | 0.28 | 4.3 | 0.00 | Aug 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access Restriction simple-page-access-restriction allows Cross Site Request Forgery.This issue affects Simple Page Access Restriction: from n/a through <= 1.0.32. | ||
| CVE-2024-11295 | Med | 0.27 | 5.3 | 0.00 | Dec 18, 2024 | The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts… | ||
| CVE-2024-0965 | Med | 0.27 | 5.3 | 0.00 | Feb 8, 2024 | The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's page restriction and view page… |
- risk 0.35cvss 6.5epss 0.00
The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.31. This is due to missing nonce validation and capability checks in the settings save handler in the settings.php script. This makes it…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access Restriction simple-page-access-restriction allows Cross Site Request Forgery.This issue affects Simple Page Access Restriction: from n/a through <= 1.0.32.
- risk 0.27cvss 5.3epss 0.00
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts…
- risk 0.27cvss 5.3epss 0.00
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's page restriction and view page…