CVE-2025-57926
- EPSS 0.03%
- Veröffentlicht 22.09.2025 18:25:08
- Zuletzt bearbeitet 22.09.2025 21:22:33
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Passster allows Stored XSS. This issue affects Passster: from n/a through 4.2.18.
CVE-2024-11282
- EPSS 0.25%
- Veröffentlicht 07.01.2025 07:15:25
- Zuletzt bearbeitet 05.06.2025 15:42:54
The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.10 via the WordPress core search feature. This makes it possible for unauthenticated atta...
CVE-2024-2026
- EPSS 0.18%
- Veröffentlicht 09.04.2024 19:15:24
- Zuletzt bearbeitet 06.05.2025 15:21:24
The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attr...
CVE-2024-0616
- EPSS 0.43%
- Veröffentlicht 29.02.2024 01:43:23
- Zuletzt bearbeitet 27.01.2025 17:30:18
The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.2 via API. This makes it possible for unauthenticated attackers to obtain post titles, ...