Security Advisory

CVE-2025-4390

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-12 02:24:46

Last updated 2026-04-08 16:51:11

Assigner Wordfence

State PUBLISHED

Description

The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the validate_restrictions function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted posts on archive and feed pages.

← Browse all CVEs View on cve.org ↗