Ays-pro

Secure Copy Content Protection And Content Locking

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4

CVE-2026-2367

  • EPSS 0.03%
  • Veröffentlicht 25.02.2026 09:26:51
  • Zuletzt bearbeitet 25.02.2026 14:15:29

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ays_block' shortcode in all versions up to, and including, 5.0.1 due to insufficient input sanitization and out...

4.3

CVE-2026-25335

  • EPSS 0.03%
  • Veröffentlicht 19.02.2026 08:26:57
  • Zuletzt bearbeitet 19.02.2026 21:18:30

Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection...

7.2

CVE-2026-1320

  • EPSS 0.03%
  • Veröffentlicht 12.02.2026 13:25:33
  • Zuletzt bearbeitet 12.02.2026 15:10:37

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and outp...

4.3

CVE-2025-14159

  • EPSS 0.02%
  • Veröffentlicht 12.12.2025 11:15:49
  • Zuletzt bearbeitet 12.12.2025 15:17:31

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ays_sccp_results_export_file' AJAX ac...

5.3

CVE-2025-14442

  • EPSS 0.06%
  • Veröffentlicht 12.12.2025 11:15:49
  • Zuletzt bearbeitet 12.12.2025 15:17:31

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensitive information exposure due to storage of exported CSV files in a publicly accessible directory with predictable filenames in all versions up to, and ...

5.9

CVE-2025-32133

  • EPSS 0.17%
  • Veröffentlicht 04.04.2025 16:15:21
  • Zuletzt bearbeitet 07.04.2025 14:18:15

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking allows Stored XSS. This issue affects Secure Copy Content Protection and Content Locking:...

7.1

CVE-2025-30905

  • EPSS 0.19%
  • Veröffentlicht 01.04.2025 21:15:45
  • Zuletzt bearbeitet 02.04.2025 14:58:07

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking allows Stored XSS. This issue affects Secure Copy Content Protection and Content Locking:...

5.3

CVE-2025-1404

  • EPSS 0.4%
  • Veröffentlicht 01.03.2025 12:15:34
  • Zuletzt bearbeitet 01.03.2025 12:15:34

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. Thi...

4.8

CVE-2024-6888

Exploit
  • EPSS 0.35%
  • Veröffentlicht 04.09.2024 06:15:17
  • Zuletzt bearbeitet 07.10.2024 15:41:03

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the ...

4.8

CVE-2024-6889

Exploit
  • EPSS 0.28%
  • Veröffentlicht 04.09.2024 06:15:17
  • Zuletzt bearbeitet 07.10.2024 15:29:33

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the ...