Browse all 5 CVE security advisories affecting SecuPress. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43228 | WordPress SecuPress Free plugin <= 2.2.5.3 - Broken Access Control vulnerability — SecuPress FreeCWE-862 | 5.3 | Medium | 2026-02-20 |
| CVE-2025-3452 | SecuPress Free <= 2.3.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation — SecuPress with Simple SSL – Simple and Performant SecurityCWE-862 | 4.3 | Medium | 2025-04-29 |
| CVE-2025-30907 | WordPress SecuPress Free plugin <= 2.2.5.3 - Cross Site Scripting (XSS) vulnerability — SecuPress FreeCWE-79 | 6.5 | Medium | 2025-03-27 |
| CVE-2024-9019 | SecuPress Free — WordPress Security <= 2.2.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via secupress_check_ban_ips_form Shortcode — SecuPress with Simple SSL – Simple and Performant SecurityCWE-79 | 6.4 | Medium | 2025-02-28 |
| CVE-2024-1504 | SecuPress Free — WordPress Security <= 2.2.5.1 - Cross-Site Request Forgery to Banned IP Address — SecuPress with Simple SSL – Simple and Performant SecurityCWE-352 | 4.3 | Medium | 2024-04-02 |
This page lists every published CVE security advisory associated with SecuPress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.