CVE-2025-57926
- EPSS 0.03%
- Published 22.09.2025 18:25:08
- Last modified 22.09.2025 21:22:33
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Passster allows Stored XSS. This issue affects Passster: from n/a through 4.2.18.
CVE-2024-11282
- EPSS 0.25%
- Published 07.01.2025 07:15:25
- Last modified 05.06.2025 15:42:54
The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.10 via the WordPress core search feature. This makes it possible for unauthenticated atta...
CVE-2024-2026
- EPSS 0.18%
- Published 09.04.2024 19:15:24
- Last modified 06.05.2025 15:21:24
The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attr...
CVE-2024-0616
- EPSS 0.43%
- Published 29.02.2024 01:43:23
- Last modified 27.01.2025 17:30:18
The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.2 via API. This makes it possible for unauthenticated attackers to obtain post titles, ...