CVE-2026-25335 — Missing Authorization in PRO Secure Copy Content Protection AND Content Locking

CWE-862 — Missing Authorization3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.0%

top 90.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AYS PRO Secure Copy Content Protection AND Content Locking

Timeline

PublishedFeb 19

Description

Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 5.0.0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

▶CVEListV5ays_pro/secure_copy_content_protection_and_content_locking5.0.0

🔴Vulnerability Details

CVEList

WordPress Secure Copy Content Protection and Content Locking plugin <= 5.0.0 - Broken Access Control vulnerability↗2026-02-19

▶

GHSA

GHSA-4cq9-hp6g-498j: Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Inc↗2026-02-19

▶