CVE-2025-58202
- EPSS 0.02%
- Veröffentlicht 27.08.2025 17:45:43
- Zuletzt bearbeitet 29.08.2025 16:24:09
Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access Restriction allows Cross Site Request Forgery. This issue affects Simple Page Access Restriction: from n/a through 1.0.32.
CVE-2025-5142
- EPSS 0.04%
- Veröffentlicht 30.05.2025 09:22:06
- Zuletzt bearbeitet 04.06.2025 18:29:34
The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.31. This is due to missing nonce validation and capability checks in the settings save handler in the settin...
CVE-2024-11295
- EPSS 0.46%
- Veröffentlicht 18.12.2024 07:15:06
- Zuletzt bearbeitet 18.12.2024 07:15:06
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extrac...
CVE-2024-0965
- EPSS 0.34%
- Veröffentlicht 08.02.2024 09:15:46
- Zuletzt bearbeitet 21.11.2024 08:47:54
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's page re...