- Description
- The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- security@wordfence.com
- CWE-862
- Hype score
- Not currently trending
New post from https://t.co/uXvPWJy6tj (CVE-2025-1404 | ays-pro Secure Copy Content Protection and Content Locking Plugin ays_sccp_reports_user_search authorization) has been published on https://t.co/wMKv60nPhz
@WolfgangSesin
2 Mar 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐จ CVE-2025-1404 ๐ MEDIUM (5.3) ๐ข ays-pro - Secure Copy Content Protection and Content Locking ๐๏ธ * ๐ https://t.co/fvMGj0tISv ๐ https://t.co/adtXHk3yQ7 ๐ https://t.co/SZaNlLR0Ob ๐ https://t.co/LkQ0rFWFNZ ๐ https://t.co/h2fvO2rzsN #CyberCron #VulnAlert #InfoSec https://t.c
@cybercronai
2 Mar 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1404 The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_scโฆ https://t.co/JDyUFYRhED
@CVEnew
1 Mar 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes