CVE-2025-14865 Passster – Password Protect Pages and Content <= 4.2.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'contentprotector' shortcode in all versions up to, and including, 4.2.24. This makes it possible for authenticated attackers, with Contributor-level access and...

EUVD-2025-206505

The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'contentprotector' shortcode in all versions up to, and including, 4.2.24. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-14865

CVE-2025-14865 (Passster WordPress plugin) : The Passster plugin is affected by a Stored Cross-Site Scripting vulnerability via the content_protector shortcode in all versions up to and including 4.2.24. Exploitation requires authenticated access at Contributor level or higher, enabling an attack...

PT-2026-5120

The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'content protector' shortcode in all versions up to, and including, 4.2.24. This makes it possible for authenticated attackers, with Contributor-level access and...