SecuPress with Simple SSL – Simple and Performant Security

Vulnerabilities 7Slug secupressLatest version 2.6.1WordPress.org →

Minimum safe version

2.3.10

Update to 2.3.10 or later to address 7 fixable vulnerabilities

Latest available2.6.1 ✓

Medium 4.3

2025-04-28< 2.3.10

SecuPress Free <= 2.3.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation

Medium 5.4

2025-03-27< 2.2.5.4

CVE-2025-30907

Medium 5.3

2026-02-20< 2.3

CVE-2024-43228

Medium 6.4

2025-02-28< 2.3

SecuPress Free — WordPress Security <= 2.2.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via secupress_check_ban_ips_form Shortcode

Medium 4.3

2024-04-02< 2.2.5.2

CVE-2024-1504

N/A

< 2.0

SecuPress < 2.0 - Unauthenticated Arbitrary IP Ban

N/A

2021-03-22< 2.0

SecuPress Free and SecuPress Pro <= 1.4.12 - Unauthenticated Arbitrary IP Ban