SecuPress Free allows unauthorized access to sensitive settings

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

SecuPress Free allows unauthorized access to sensitive settings

CVE-2024-43228

Summary

An unauthorized user can access sensitive settings in SecuPress Free, potentially compromising the security of your WordPress site. This issue affects all versions of SecuPress Free up to and including 2.2.5.3. Update to the latest version to fix this issue.

Original title

Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through <= 2.2.5.3.

Original description

Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through <= 2.2.5.3.

nvd CVSS3.1 5.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/secupress/vulnerability/wordpre...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026