CVE-2025-5998 PPWP < 1.9.11 - Subscriber+ Access Bypass via REST API
The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 allows to put the site content behind a password authorization, however users with subscriber or greater roles can view content via the REST API...