CVE-2025-30905 — Cross-site Scripting in PRO Secure Copy Content Protection AND Content Locking

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 66.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AYS PRO Secure Copy Content Protection AND Content Locking

Timeline

PublishedApr 1

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 4.4.3.

Affected Packages1 packages

▶CVEListV5ays_pro/secure_copy_content_protection_and_content_locking4.4.3

🔴Vulnerability Details

GHSA

GHSA-f2xh-wfr6-g4gh: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Conte↗2025-04-01

▶

CVEList

WordPress Secure Copy Content Protection and Content Locking plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability↗2025-04-01

▶