exploitDog

CVE-2025-5920

Опубликовано: 04 июл. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API.

Ссылки

https://wpscan.com/vulnerability/dddd6074-1e1f-441f-86f7-316c30262c70/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/dddd6074-1e1f-441f-86f7-316c30262c70/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fabiantodt:private_post_share:*:*:*:*:*:wordpress:*:*

Версия до 1.1.1 (исключая)

EPSS

Процентиль: 20%

0.00065

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-c2r3-hccf-qqvp

CVSS3: 7.5

github

7 месяцев назад

The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API.

EPSS

Процентиль: 20%

0.00065

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo