PT-2023-12070 · WordPress · Passster

Dc11 · Published 2023-01-23 · Updated 2025-04-02 · CVE-2021-24881

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Passster WordPress plugin versions prior to 3.5.5.9

Description

The issue allows unauthenticated users to bypass the protection offered by the plugin and access arbitrary posts, such as private content, by sending a specifically crafted request. This is due to the plugin not properly checking for password and public post status.

Recommendations

For Passster WordPress plugin versions prior to 3.5.5.9, update to version 3.5.5.9 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive posts until the update is applied.

Related Identifiers

CVE-2021-24881

Affected Products

Passster