[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgt3jDWG4Klr75IghQr2cA-hc-E1xAvTJnzWAm1Qcn78":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":45,"crawl_stats":34,"alternatives":50,"analysis":151,"fingerprints":198},"sharable-password-protected-posts","Private Post Share","2.0.0","Fabian Todt","https:\u002F\u002Fprofiles.wordpress.org\u002Fgaambo\u002F","\u003Cp>Share a link to anonymous users to view private and password protected posts (or any other public post type).\u003C\u002Fp>\n\u003Cp>This plugin generates secret URLs (similar to Google Docs and other cloud services) for posts so you can share them with not-logged in users without having to share an extra password with them.\u003C\u002Fp>\n\u003Cp>For bug reports, security vulnerabilities, feature requests please visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgaambo\u002Fsharable-password-protected-posts\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>To enable a sharable url check the box below the edit post box on a private or password protected post\u003C\u002Fli>\n\u003Cli>The link will be displayed if the checkbox is checked, just copy and share the link.\u003C\u002Fli>\n\u003Cli>To disable just uncheck the box.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By default, it’s enabled for all public post types, but that can be changed via the \u003Ccode>private_post_share\u002Fpost_types\u003C\u002Fcode> filter.\u003C\u002Fp>\n","Share password protected posts via secret URLs",100,3251,1,"2025-08-11T13:58:00.000Z","6.8.5","6.7","8.1",[19,20,21],"password-protected","secret-links","share-private","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsharable-password-protected-posts.2.0.0.zip",99,0,"2025-06-13 00:00:00","2026-03-15T15:16:48.613Z",[29],{"id":30,"url_slug":31,"title":32,"description":33,"plugin_slug":4,"theme_slug":34,"affected_versions":35,"patched_in_version":36,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":26,"updated_date":41,"references":42,"days_to_patch":44},"CVE-2025-5920","sharable-password-protected-posts-unauthenticated-password-protected-post-exposure","Sharable Password Protected Posts \u003C= 1.1.0 - Unauthenticated Password protected Post Exposure","The Sharable Password Protected Posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.0 due to password exposure of the _sppp_key key through the posts API. This makes it possible for unauthenticated attackers to extract information from password protected posts.",null,"\u003C=1.1.0","1.1.1","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2025-07-09 15:28:09",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F128c6ab5-ddcf-4775-b390-db49da79e548?source=api-prod",27,{"slug":46,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":11,"avg_security_score":11,"avg_patch_time_days":44,"trust_score":48,"computed_at":49},"gaambo",2,94,"2026-04-04T07:15:30.071Z",[51,73,97,113,133],{"slug":52,"name":53,"version":36,"author":54,"author_profile":55,"description":56,"short_description":57,"active_installs":58,"downloaded":59,"rating":60,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":22,"tags":65,"homepage":70,"download_link":71,"security_score":72,"vuln_count":25,"unpatched_count":25,"last_vuln_date":34,"fetched_at":27},"hide-price-until-login","Hide Price Until Login","cedcommerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fcedcommerce\u002F","\u003Cp>Hide Price of the products on shop and product detail page until user is not logged in or until password is entered.\u003C\u002Fp>\n\u003Ch4>Main features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hides the product’s price until the correct password is entered\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hides the product’s price for specific users\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hides the product’s price until the user is logged in\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hides price from shop page and product detail page as well\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hides the product’s price for none\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>At shop page only the details of a prodcut is shown, either it is a  simple product.\u003C\u002Fli>\n\u003Cli>Full customizable, most of the things are dynamic and can be customized by admin.\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable all the features of plugin\u003C\u002Fli>\n\u003Cli>Efficient for valid user only.\u003C\u002Fli>\n\u003Cli>Easy to use and install\u003C\u002Fli>\n\u003Cli>Easy to configure\u003C\u002Fli>\n\u003Cli>Show\u002FHide password field.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Excellent language support\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>OTHER USEFUL PLUGINS FROM CEDCOMMERCE\u003C\u002Fh3>\n\u003Cp>Other useful plugins from Cedcommerce to make your web better:\u003C\u002Fp>\n\u003Cp>🔸 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshipping-delivery-date-management-with-gift-message\u002F\" rel=\"ugc\">Shipping & Delivery Date management with gift message\u003C\u002Fa>: Shipping & Delivery Date management with gift message extension allows selection of delivery date, messaging of gift hampers, shipping address management feature.\u003Cbr \u002F>\n 🔸 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-price-until-login\u002F\" rel=\"ugc\">Hide Price Until Login\u003C\u002Fa>: Hide Price of the products on shop and product detail page until user is not logged in or until password is entered.\u003Cbr \u002F>\n 🔸 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frecently-viewed-and-most-viewed-products\u002F\" rel=\"ugc\">Recently viewed and most viewed products\u003C\u002Fa>: Recently viewed and most viewed products provides an extra feature to merchant to show recently viewed products and most viewed products on the product detail page and also at any place through out the site by adding given shortcode.\u003Cbr \u002F>\n 🔸 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-advanced-pdf\u002F\" rel=\"ugc\">WP Advanced PDF\u003C\u002Fa>: WP Advanced PDF is a pdf generator for posts to pages. This plugin enables your blog readers to create pdf of posts of your blog. WP Advanced PDF relies on the TCPDF class to render PDF.\u003Cbr \u002F>\n 🔸 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwholesale-market\u002F\" rel=\"ugc\">Wholesale Market\u003C\u002Fa>: Wholesale Market woocommerce extension that empowers your shop with the capability to create wholesale users and give special privilege to them by setting product’s wholesale price.\u003C\u002Fp>\n\u003Ch4>About cedcommerce.com\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcedcommerce.com\u002F\" rel=\"nofollow ugc\">Cedcommerce\u003C\u002Fa> We embarked on the journey of providing best-in-class affordable eCommerce solutions. We came together as a group of hardworking people with a single-minded goal- making eCommerce easier.We believe in providing tailor-made solutions for our clients’ specific needs. Our attention to detail & dedication has helped us become a global leader and a one-stop shop for e-Commerce solutions.\u003C\u002Fp>\n\u003Ch3>INSTANT SUPPORT\u003C\u002Fh3>\n\u003Cp>Get prompt assistance via call, Skype, or Whats-app from our team. We will make sure that your queries and concerns are rectified within minimum time.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you need support or have any question then kindly use our online chat window \u003Ca href=\"http:\u002F\u002Fcedcommerce.com\" rel=\"nofollow ugc\">here\u003C\u002Fa> or send us email at \u003Ca href=\"mailto:support@cedcommerce.com\" rel=\"nofollow ugc\">support@cedcommerce.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Follow Us\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Our Official Website\u003C\u002Fstrong> – \u003Ca href=\"http:\u002F\u002Fcedcommerce.com\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fcedcommerce.com\u002F\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Our Facebook Page\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002FCedCommerce\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.facebook.com\u002FCedCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Our Google+ Account\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fplus.google.com\u002Fu\u002F0\u002F118378364994508690262\" rel=\"nofollow ugc\">https:\u002F\u002Fplus.google.com\u002Fu\u002F0\u002F118378364994508690262\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Our Twitter Account\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fcedcommerce\" rel=\"nofollow ugc\">https:\u002F\u002Ftwitter.com\u002Fcedcommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Our LinkedIn Account\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fcedcommerce\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fcedcommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Hide product price until the correct password is entered or until login.",2000,58058,70,24,"2022-07-18T16:50:00.000Z","6.0.0","4.3",[52,66,67,68,69],"password-protected-price-extension","woocommerce","woocommerce-plugin","wordpress","http:\u002F\u002Fcedcommerce.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-price-until-login.zip",85,{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":83,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":22,"tags":88,"homepage":92,"download_link":93,"security_score":94,"vuln_count":95,"unpatched_count":25,"last_vuln_date":96,"fetched_at":27},"protected-posts-logout-button","Protected Posts Logout Button","1.4.6","Nate Reist","https:\u002F\u002Fprofiles.wordpress.org\u002Fnatereist\u002F","\u003Cp>This plugin simply adds a logout button to the content of any password protected post. Sometimes clients want a password protected page to share information with privileged individuals and the default 10 days for the cookie to expire is too long for their liking. So I wrote a little plugin to do this with AJAX and set the cookie to expire immediately, well actually 10 days in the past.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works logged in or out as a WordPress user.\u003C\u002Fli>\n\u003Cli>Uses the same functionality WordPress uses to set post cookies.\u003C\u002Fli>\n\u003Cli>Has a simple settings page to make everything easier.\u003C\u002Fli>\n\u003Cli>Allows you to alert user they have logged out.\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically adds a logout button to your password protected content.",1000,33408,98,13,"2023-02-16T00:46:00.000Z","6.1.10","2.8",[89,90,91],"logout","password-protected-posts-logout-button","wordpress-security","http:\u002F\u002Fmindutopia.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotected-posts-logout-button.1.4.6.zip",84,3,"2023-02-20 00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":11,"num_ratings":47,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":22,"tags":110,"homepage":22,"download_link":111,"security_score":112,"vuln_count":25,"unpatched_count":25,"last_vuln_date":34,"fetched_at":27},"wp-hidden-password-protected-page","WP Hidden Password Protected Pages","1.2.5","kimipooh","https:\u002F\u002Fprofiles.wordpress.org\u002Fkimipooh\u002F","\u003Cp>When the plugin is turned on, the password protected pages will be hidden. The user who knows the access URL continues to be able to access to the pages.\u003C\u002Fp>\n\u003Cp>Optional settings: The unlocked password protected page will be locked again after the idle time (Value of Idle time for Password Protected Pages).\u003C\u002Fp>\n","The plugin is for hiding the password protected pages (posts) in WordPress.",700,31886,"2025-04-02T01:28:00.000Z","6.7.5","6.0",[19],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-hidden-password-protected-page.1.2.5.zip",92,{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":48,"num_ratings":95,"last_updated":123,"tested_up_to":15,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":131,"download_link":132,"security_score":11,"vuln_count":25,"unpatched_count":25,"last_vuln_date":34,"fetched_at":27},"customize-private-protected","Customize Private & Protected – Change or remove title prefix and more","1.3.4","kirkclarke","https:\u002F\u002Fprofiles.wordpress.org\u002Fkirkclarke\u002F","\u003Cp>Use this plugin to hide or edit the prefix on your password protected or private page, add widget areas before and after the password protected form, and modify the label and submit button text. These changes are global and apply to all protected and private content respectively.\u003C\u002Fp>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>If you’d like to support future development, \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fpaypalme\u002FKirkClarke\" rel=\"nofollow ugc\">buy me a tea\u003C\u002Fa>!\u003C\u002Fp>\n","Use WP Customize to modify elements of password protected and private posts and pages.",300,4498,"2025-10-04T20:41:00.000Z","5.8","7.0",[19,127,128,129,130],"prefix","private","remove","widget","https:\u002F\u002Fgithub.com\u002Fkclarkedesign\u002Fcpp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomize-private-protected.1.3.4.zip",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":141,"downloaded":142,"rating":11,"num_ratings":95,"last_updated":143,"tested_up_to":144,"requires_at_least":145,"requires_php":22,"tags":146,"homepage":149,"download_link":150,"security_score":72,"vuln_count":25,"unpatched_count":25,"last_vuln_date":34,"fetched_at":27},"expire-password-protected-pages","Expire Password Protected Pages","0.1.0","TG","https:\u002F\u002Fprofiles.wordpress.org\u002Ftroyglancy\u002F","\u003Cp>Description: This plugin will require visitors to type in the password each time they are visiting a password protected page. This also will prevent the page from being accessible if someone types in the password on a public computer. By default WordPress password protected pages sessions will last 10 days. Originally came up with this idea when a client did not want a password protected pages accessible after the browser was closed. While you could add the code to your function.php within your theme I did not want the code to get overwritten when doing a theme update. Using this plugin avoids the need for updating the function.php file.\u003C\u002Fp>\n\u003Cp>Once you have it uploaded to your WordPress install. Simply login to your WordPress backend and activate the plugin. After it’s activated you no longer need to do anything. You can test the page by refreshing the page after typing the password or closing your browser. Once you visit the page again it will force you to type in the password.\u003C\u002Fp>\n\u003Cp>Please note: If you use a cache plugin it may cause the plugin to not work correctly. Please whitelist the page you’re password protecting within your cache plugin.\u003C\u002Fp>\n\u003Cp>You can use this plugin by downloading and unzippping it to the \u002Fplugin directory. Once you have it uploaded to your web host login to your WordPress backend and activate the plugin. After it’s activated you no longer need to do anything.\u003C\u002Fp>\n","Description: This plugin will require visitors to type in the password each time they are visiting a password protected page.",200,3295,"2018-05-22T03:44:00.000Z","4.9.29","3.7",[147,148],"password-protected-pages","security","https:\u002F\u002Fgithub.com\u002Ftroyglancy\u002FExpire-Password-Protected-Pages","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-password-protected-pages.zip",{"attackSurface":152,"codeSignals":183,"taintFlows":191,"riskAssessment":192,"analyzedAt":197},{"hooks":153,"ajaxHandlers":179,"restRoutes":180,"shortcodes":181,"cronEvents":182,"entryPointCount":25,"unprotectedCount":25},[154,160,164,170,173,176],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","enqueue_block_editor_assets","anonymous","includes\\editor.php",46,{"type":155,"name":161,"callback":157,"file":162,"line":163},"init","includes\\meta.php",82,{"type":165,"name":166,"callback":157,"priority":167,"file":168,"line":169},"filter","post_password_required",10,"includes\\posts.php",28,{"type":165,"name":171,"callback":157,"priority":167,"file":168,"line":172},"posts_results",80,{"type":165,"name":174,"callback":157,"priority":167,"file":168,"line":175},"protected_title_format",96,{"type":165,"name":177,"callback":157,"priority":167,"file":168,"line":178},"private_title_format",97,[],[],[],[],{"dangerousFunctions":184,"sqlUsage":185,"outputEscaping":187,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":189,"bundledLibraries":190},[],{"prepared":25,"raw":25,"locations":186},[],{"escaped":47,"rawEcho":25,"locations":188},[],7,[],[],{"summary":193,"deductions":194},"The \"sharable-password-protected-posts\" v2.0.0 plugin exhibits a generally strong security posture based on the static analysis. The complete absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and 100% proper output escaping are excellent indicators of secure coding practices. Furthermore, the presence of capability checks, even though no specific points of entry were identified, suggests an attempt to implement access control. The lack of any identified taint flows or unsanitized paths further reinforces this positive assessment of the code's current state.\n\nHowever, the plugin's vulnerability history presents a significant concern. While there are currently no unpatched vulnerabilities, the record indicates a past medium-severity vulnerability specifically related to the Exposure of Sensitive Information to an Unauthorized Actor. This suggests that, despite the current static analysis findings, the plugin has historically had issues that could lead to sensitive data leaks. The fact that the last vulnerability was in the future (2025-06-13) is highly unusual and likely an artifact of the provided data, but the presence of a past medium vulnerability cannot be ignored.\n\nIn conclusion, the current code analysis suggests a robustly written plugin with strong security foundations. The absence of immediate threats in the static analysis is reassuring. Nevertheless, the historical presence of a medium-severity vulnerability of a sensitive information exposure type warrants caution and emphasizes the need for ongoing vigilance and prompt patching of any future security flaws.",[195],{"reason":196,"points":167},"Past medium vulnerability related to sensitive info exposure","2026-03-16T20:38:21.879Z",{"wat":199,"direct":208},{"assetPaths":200,"generatorPatterns":203,"scriptPaths":204,"versionParams":205},[201,202],"\u002Fwp-content\u002Fplugins\u002Fsharable-password-protected-posts\u002Fbuild\u002Findex.js","\u002Fwp-content\u002Fplugins\u002Fsharable-password-protected-posts\u002Fbuild\u002Findex.css",[],[201],[206,207],"sharable-password-protected-posts\u002Fbuild\u002Findex.js?ver=","sharable-password-protected-posts\u002Fbuild\u002Findex.css?ver=",{"cssClasses":209,"htmlComments":210,"htmlAttributes":211,"restEndpoints":213,"jsGlobals":215,"shortcodeOutput":217},[],[],[212],"data-private-post-share-enabled",[214],"\u002Fwp-json\u002Fprivate-post-share\u002Fv1\u002Fsettings",[216],"window.privatePostShare",[]]