Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in SecuPress Free — WordPress Security 2.2.5.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 27, 2025

A security issue has been found in the SecuPress Free plugin for WordPress versions up to 2.2.5.3. This issue, known as Stored Cross-Site Scripting, is caused by not properly cleaning up user input and can allow attackers with certain access levels to insert harmful code into web pages. This code can then be executed when a user visits the affected page.

Detected in:

SecuPress Free — WordPress Security fixed vulnerable versions: >= * <= 2.2.5.3
SecuPress Free with Simple SSL – Simple and Performant Security fixed vulnerable versions:
SecuPress Pro with Simple SSL – Simple and Performant Security fixed vulnerable versions:
SecuPress with Simple SSL – Simple and Performant Security fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.