Passster – Password Protect Pages and Content

Vulnerabilities 15Slug content-protectorLatest version 4.3.4WordPress.org →

Minimum safe version

4.2.26

Update to 4.2.26 or later to address 15 fixable vulnerabilities

Latest available4.3.4 ✓

Medium 6.5

2025-09-22< 4.2.19

Passster <= 4.2.18 - Authenticated (Contributor+) Stored Cross-Site Scripting

Wordfence EUVD CVE

Medium 6.5

2026-02-12< 4.2.26

Passster <= 4.2.25 - Missing Authorization

Wordfence CVE

Medium 6.4

2026-01-28< 4.2.25

CVE-2025-14865

CVE Wordfence

High 7.5

2025-12-18< 4.2.20

CVE-2025-64218

CVE Wordfence

Medium 5.3

2025-01-07< 4.2.11

CVE-2024-11282

CVE Patchstack Wordfence

Medium 6.3

2024-10-16< 3.5.5.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Medium 5.4

2024-04-09< 4.2.6.5

CVE-2024-2026

CVE Wordfence Patchstack

Medium 5.3

2024-02-20< 4.2.6.3

CVE-2024-0616

CVE Wordfence Patchstack WPScan

N/A

2023-07-18< 4.2.2

WordPress Passster – Password Protection Plugin < 4.2.2 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

High 7.5

2023-01-23< 3.5.5.9

CVE-2021-24881

CVE Patchstack Wordfence WPScan

Medium 5.4

2023-01-23< 3.5.5.9

CVE-2021-24837

CVE Patchstack Wordfence WPScan

N/A

2022-03-04< 3.5.5.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

Medium 5.9

2022-10-17< 3.5.5.5.2

CVE-2022-3206

CVE Patchstack Wordfence WPScan

N/A

2022-02-28< 3.5.5.2

WordPress Passster – Password Protection plugin <= 3.5.5.1 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 3.5.5.2

WordPress Passster – Password Protection plugin <= 3.5.5.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack