cbcvebase.

Ays Pro Secure Copy Content Protection And Content Locking vulnerabilities

5 known vulnerabilities affecting ays_pro/secure_copy_content_protection_and_content_locking.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2021-24484P3HIGHCVSS 7.2≥ 2.6.7, < 2.6.72021-08-02
CVE-2021-24484 [HIGH] CWE-89 CVE-2021-24484: The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugi The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
nvd
CVE-2025-30905P4HIGHCVSS 7.1≤ 4.4.32025-04-01
CVE-2025-30905 [HIGH] CWE-79 CVE-2025-30905: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 4.4.3.
nvd
CVE-2024-47306P4HIGHCVSS 7.1≤ 4.2.32024-10-06
CVE-2024-47306 [HIGH] CWE-79 CVE-2024-47306: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection-subscribe-to-view allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 4.2.3.
nvd
CVE-2025-32133P4MEDIUMCVSS 5.9≤ 4.5.52025-04-04
CVE-2025-32133 [MEDIUM] CWE-79 CVE-2025-32133: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 4.5.5.
nvd
CVE-2026-25335P4MEDIUMCVSS 4.3≤ 5.0.02026-02-19
CVE-2026-25335 [MEDIUM] CWE-862 CVE-2026-25335: Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking se Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 5.0.0.
nvd
Ays Pro Secure Copy Content Protection And Content Locking vulnerabilities | cvebase