Passwordprotectwp: >> Password Protect Wordpress >> 1.8.9 Security Vulnerabilities
The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 allows to put the site content behind a password authorization, however users with subscriber or greater roles can view content via the REST API.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-14
The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.9 via API. This makes it possible for unauthenticated attackers to obtain post titles, IDs, slugs as well as other information including for password-protected posts.
CVSS Score
5.3
EPSS Score
0.004
Published
2024-02-29